Two arguments that can’t be more dangerous, People don’t care about Privacy, Get all the data you can
Detecting Inappropriate Access to Personal Health Information
“While PHIPA has served Ontarians well over the last decade, rapid changes in technology and communications are demanding that we keep pace. With the growing use of electronic health records, the province needs a legislative framework that addresses the rights of individuals and the duties and obligations of health care providers in an electronic environment. Modernizing PHIPA will pave the way for a smooth and seamless transition toward 21st century health care while protecting our privacy.” – Brian Beamish, Information and Privacy Commissioner of Ontario
Event: 2016 PHIPA Connections Summit www.phipasummit.ca
Using Machine Learning Healthcare to detect healthcare snoopers
Talk By Dr. Wael Hassan and Dr. Daniel Fabbri
Open Electronic Medical Record (EMR) access environments trade clinician efficiency for patient privacy. Monitoring EMR accesses for inappropriate use is challenging due to access volumes and hospital dynamics. This talk presents the Explanation-Based Auditing System, which uses machine learning to quickly identify suspicious accesses, improving compliance officer efficiency and patient privacy.
PhD. Assistant Professor of Biomedical Informatics and Computer Science, Vanderbilt University,
Maize AnalyticsDaniel Fabbri, Ph.D., is an Assistant Professor of Biomedical Informatics in the School of Medicine at Vanderbilt University. He is also an Assistant Professor of Computer Science in the School of Engineering. His research focuses on database systems and machine learning applied to electronic medical records and clinical data. He developed the Explanation-Based Auditing System, which uses data mining techniques to help hospital compliance officers monitor accesses to electronic medical records in order to identify inappropriate use. He received a National Science Foundation Innovation Corps award to commercialize this auditing technology at Maize Analytics. Beyond research, he has participated in the A World In Motion program, which teaches elementary and middle school children physics through weekly interactive experiments such as building toy cars powered by balloons. He received his doctorate in computer science from the University of Michigan, Ann Arbor and a bachelor of science in computer science and engineering from the University of California, Los Angeles. Prior to joining Vanderbilt, he interned at Google, Microsoft Research, Goldman Sachs, Lockheed Martin and Yahoo. Students interested in research topics on machine learning, data management and the security of electronic medical records and clinical data? Please consider applying to the Vanderbilt Biomedical Informatics or Computer Science graduate programs. Selected Invited Talks: • The Open Web Application Security Project, Chicago, 2014. • Safeguarding Health Information: Building Assurance through HIPAA Security, U.S. Health and Human Services Department, Washington D.C., 2013. • Archimedes Workshop on Medical Device Security, University of Michigan, Ann Arbor, 2013.
Founder: Big Data, Privacy and Risk,
Ki Design MagazineDr. Waël Hassan is one of North Americas leading advisors on privacy and cyber security innovation. He serves as an advisor for both the political and industry organizations to help them better understand privacy and cyber security technology & adoption. He has in-depth knowledge of privacy laws across Canada, EU, and the US, along with, holds the first Canadian PhD in Validation of Legal Compliance. In his role Waël advances his clients’ interests on a range of issues, including internet freedom, cyber security, surveillance, disaster response, product certification, and risk metrics. Dr. Hasan founded KI DESIGN Magazine, http://magazine.kidesign.net, where he writes a regular column. Waël’s highly anticipated book, Privacy in Design: A practical guide for corporate compliance will be released in Spring 2017.
Identity and Access Management (IAM) has two seemingly opposed purposes: to enable user access to information, and to block user access to restricted information. In fact, strong security and user-friendly access are by no means mutually exclusive: a mature IAM solution provides both. Read a summary of my IAM Maturity Model.