Privacy Act of 1974; computer matching program--HCFA. Clarification--computer match between HCFA and the Internal Revenue Service (IRS)--notice published in the Federal Register on July 5, 1989

Pursuant to the Computer Matching and Privacy Protection Act of 1988, Public Law 100-503, October 18, 1988, and the Office of Management and Budget (OMB) Guidelines on the Conduct of Matching Programs, the IRS published a notice in the Federal Register (54 FR 28149; July 5, 1989) announcing their intention to conduct a match with a number of Federal and State agencies including HCFA. These matches, in accordance with various provisions of section 6103 of the Internal Revenue Code (IRC) of 1986, provide these agencies with tax information from IRS records to assist them in administering the programs and activities as described. The match with HCFA is pursuant to IRC 6103(1)(7). The IRS is required, upon written request, to disclose current information from returns with respect to unearned income to any Federal, State, or local agency administering certain federally approved programs to provide, among other things, medical assistance. HCFA is publishing this notice to ensure that the public is aware that it is participating in this match to verify Medicaid eligibility. The HHS Data Integrity Board has approved an Agreement between HCFA and the IRS on February 8, 1990, as required by the Computer Matching and Privacy Protection Act of 1988.     

Privacy Act of 1974; computer matching program--HCFA. Notice of a matching program--HCFA's Health Insurance (HI) Master Record and information from four Railroad Retirement Board (RRB) systems of records

The Department of Health and Human Services is providing public notice that the RRB agrees to disclose information concerning Medicare eligible railroad retirees to HCFA. The matching report set forth below is in compliance with the Computer Matching and Privacy Protection Act of 1988 (Pub. L. No. 100-503).     

Privacy Act of 1974; matching program--HCFA. Notice of a matching program--the Internal Revenue Service (IRS), the Social Security Administration (SSA), and HCFA--disclosure of IRS taxpayer identity and filing status information to be matched with SSA earned income information for Medicare beneficiaries and their spouses

As required by Section 6202 of the Omnibus Budget Reconciliation Act of 1989 (OBRA 1989), Public Law 101-239, the Department of Health and Human Services is providing public notice that the IRS and the SSA will disclose certain information regarding the taxpayer identification and filing status and the earned income of Medicare beneficiaries and their spouses for HCFA's use in identifying Medicare secondary payer (MSP) situations. This will enable HCFA to seek recovery of identified mistaken payments that were the liability of another primary insurer or other type of payer. The matching report set forth below is in compliance with the Computer Matching and Privacy Protection Act of 1988 (Pub. L. No. 100-503).     

Privacy Act of 1974--HCFA. Notice of a matching program--between HCFA and the Wisconsin Bureau of Workers' Compensation--HCFA will receive information from the state concerning work-related injuries and diseases

Section 1862(b)(2) of the Social Security Act (42 U.S.C. 1395(b)(2)) prohibits Medicare payment with respect to any item or service to the extent that payment has been made, or can reasonably be expected to be made promptly, under a workers' compensation law or plan of the United States or a State. HCFA has developed a model agreement to be used in negotiating individual agreements with State Workers' Compensation Boards. The agreement will allow HCFA to seek recovery of identified mistaken payments that are the liability of workers' compensation agencies. The matching report set forth below is in compliance with the Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503).     

Privacy and security by design: Comparing the EU and Israeli approaches to embedding privacy and security

Policymakers in the European Union and Israel are searching for regulatory strategies on how to best protect their citizens informational privacy. More recently, the focus has shifted towards Privacy and Security by Design as a mean to address current privacy concerns. While Privacy and Security by Design in itself is not a new idea, its implementation has taken new forms within the General Data Protection Regulation, as well as in various Israeli laws, inter alia, the Privacy Protection Regulations on Data Security. In this article we first analyse these implementations of Privacy and Security by Design and then compare the European and Israeli approaches with one another. We address the question of which approach provides more guidance to developers with respect on how to embed Privacy and Security by Design measures into new services and products. We conclude by pointing to empirical research needed to further analyse the impact of the two different regulatory strategies.     

香港个人资料隐私保护之经验——兼论我国个人资料保护法之制定

个人信息作为信息的一种,具有与信息相同的特征。个人资料属于现代隐私的外延,指的是可以识别出个人的所有资料。我国香港特别行政区已于1996年12月实施了《个人资料(私隐)条例》。在实施的十年间,法院与香港个人资料私隐专员公署分别做出了一些司法原则和执行决定,很值得我国在制定《个人资料保护法》时加以参考与借鉴。     

The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise

This article examines the extent to which Privacy by Design can safeguard privacy and personal data within a rapidly evolving society. This paper will first briefly explain the theoretical concept and the general principles of Privacy by Design, as laid down in the General Data Protection Regulation. Then, by indicating specific examples of the implementation of the Privacy by Design approach, it will be demonstrated why the implementation of Privacy by Design is a necessity in a number of sectors where specific data protection concerns arise (biometrics, e-health and video-surveillance) and how it can be implemented.     

An update on personnel recordkeeping and employee privacy

"Privacy," says the President, "is a permanent public issue." So permanent, in fact, that the federal Privacy Protection Study Commission made 34 recommendations covering employee recordkeeping, all of which deserve personnel's attention. Our author also focuses on General Electric's all-out privacy compliance program, which may well prove a good model for other corporations to follow.     

Medicaid program; eligibility changes under the Affordable Care Act of 2010. Final rule, Interim final rule

This final rule implements several provisions of the Patient Protection and Affordable Care Act of 2010 and the Health Care and Education Reconciliation Act of 2010 (collectively referred to as the Affordable Care Act). The Affordable Care Act expands access to health insurance coverage through improvements to the Medicaid and Children's Health Insurance (CHIP) programs, the establishment of Affordable Insurance Exchanges ("Exchanges"), and the assurance of coordination between Medicaid, CHIP, and Exchanges. This final rule codifies policy and procedural changes to the Medicaid and CHIP programs related to eligibility, enrollment, renewals, public availability of program information and coordination across insurance affordability programs.     

Privacy Act of 1974; exempt record system--HHS. Final rule

The Office of the Secretary of the Department of Health and Human Services is amending its Privacy Act Regulations to exempt the system of records, "Civil and Administrative Investigative Files of the Inspector General, HHS/OS/OIG," from certain provisions of the Privacy Act. This exemption is authorized by subsection (k)(2) of the Privacy Act, which applies to investigative materials compiled for law enforcement purposes. The Office of Inspector General (OIG) is authorized to gather information for Civil and administrative law enforcement purposes under Pub. L. 94-505, establishing the HHS Office of Inspector General, and section 1128A of the Social Security Act, authorizing civil money penalties for the filing of false claims in certain health care financing programs. In order to maintain the integrity of the OIG investigative process and to assure that the OIG will be able to obtain access to complete and accurate information, the Department is exempting this system, under subsection (k)(2), from the notification, access, correction and amendment provisions of the Privacy Act.     

Privacy Act; exempt record system--Office of the Secretary, DHHS. Notice of proposed rulemaking

The Office for Civil Rights of the Department of Health and Human Services maintains a system of records entitled "Complaint Files and Log. HHS/OS/OCR." The Department intends to exempt this system from certain provisions of the Privacy Act, 5 U.S.C. 552a. The proposed exemption is authorized by subsection (k)(2) of the Privacy Act, which applies to investigative materials compiled for law enforcement purposes. The Office for Civil Rights (OCR) is authorized to gather information for civil and administrative law enforcement purposes pursuant to several statutes requiring nondiscrimination in programs or activities receiving Federal financial assistance. In order to maintain the integrity of the OCR investigative process and to access to complete and accurate information, the Department proposes to exempt this system, under subsection (k)(2), from the notification, access, correction and amendment provisions of the Privacy Act. The Department is requesting public comments on the proposed exemption.     

Privacy Act; exempt record system--HHS. Final rule

The Office for Civil Rights of the Department of Health and Human Services maintains a system of records entitled "Complaint Files and Log. HHS/OC/OCR." The Department is exempting this system from certain provisions of the Privacy Act, 5 U.S.C. 552a. The exemption is authorized by subsection (k)(2) of the Privacy Act, which applies to investigative materials compiled for law enforcement purposes. The Office for Civil Rights (OCR) is authorized to gather information for civil and administrative law enforcement purposes pursuant to several statutes requiring nondiscrimination in programs or activities receiving Federal financial assistance. In order to maintain the integrity of the OCR investigative process and to assure that OCR will be able to obtain access to complete and accurate information, the Department is exempting this system, under subsection (k)(2), from the notification, access, correction and amendment provisions of the Privacy Act.     

Medicare and Medicaid programs; programs of all-inclusive care for the elderly (PACE); program revisions. Final rule

This rule finalizes the interim final rule with comment period published in the Federal Register November 24, 1999 (64 FR 66234) and the interim final rule with comment period published in the Federal Register on October 1, 2002 (67 FR 61496). The November 1999 interim final rule implemented sections 4801 through 4803 of the Balanced Budget Act of 1997 (Pub. L. 105-33) and established requirements for Programs of All-inclusive Care for the Elderly (PACE) under the Medicare and Medicaid programs. The interim final rule with comment period published on October 1, 2002 (67 FR 61496) implemented section 903 of the Medicare, Medicaid, and SCHIP Benefits Improvement and Protection Act of 2000 (BIPA) (Pub. L. 106-554).     

Medicare and state health care programs: fraud and abuse; amendments to OIG exclusion and CMP authorities resulting from the Medicare and Medicaid Patient and Program Protection Act--Office of Inspector General (OIG), HHS. Final rule

This document amends a technical error that appeared in the final rule, which amends the OIG exclusion and CMP authorities, published on January 29, 1992 designed to implement section 2 of the Medicare and Medicaid Patient and Program Protection Act, along with other conforming amendments. The final rule is designed to protect program beneficiaries from unfit health care practitioners, and otherwise improve the anti-fraud provisions of the Department's Medicare and State health care programs.     

Privacy Act of 1974; proposed major alterations to an existing system of records--Public Health Service. Notice of proposed major alterations

In accordance with the requirements of the Privacy Act, the Public Health Service (PHS) is publishing a notice proposing major alterations in the Privacy Act system of records entitled "Grants Act system of records entitled "Grants: Research, Research Training, Research Scientist Development, Education, Demonstration, Fellowships, Clinical Training, Community Services, Cooperation Agreements, "HHS/ADAMHA/OA, 09-03-0027. The system contains the official documentation of the grant programs of the Alcohol, Drug Abuse, and Mental Health Administration (ADAMHA). The proposed alterations are necessary to ensure compliance with recently added provisions in the Public Health Service Act (PHSA). Section 303 (42 U.S.C 242a), concerning clinical training awardees' payback obligations.     

Book reviews

Handbook of Legal Information Retrieval Edited by J Bing, Norwegian Research Centre for Computers and Law, Oslo, in co‐operation with T Fjeldvig, T Harvold and R Svoboda North‐Holland 1984, US $96.25

Information Technology: The Challenge to Copyright. James Lahore, Gerald Dworkin and Yvonne Smyth Sweet & Maxwell and The Centre for Commercial Law Studies 1984, £12.00

Data Processing and the Law Edited by Colin Campbell Sweet and Maxwell 1984, £20.00

Le droit des Contrats Informatiques — Principes — Applications Centre de Recherches informatique et droit des Facultes Universitaires de Namur Maison Ferdinand Larder (Brussels), 1983, 45 FB

Computer Insecurity Adrian R.D. Norman Chapman and Hall 1983, £14.95

The Data Protection Act Richard Sizer and Philip Newman Gower Publishing, 1984, £16.95

The Data Protection Act 1984 Professor Bryan Niblett Oyez Longman Publishing, 1984, £18.00

The Data Protection Act 1984 — A Guide to the New Legislation J. A. L. Sterling CCH Editions, 1984, £15.00

Privacy and Data Protection — An International Bibliography Professor David H. Flaherty Mansell Publishing, 1984, £23.50

Computer Contracts R Morgan & G Stedman Oyez Longman Publishing 1984, 2nd Edition, £27.50

Computer Contracts Handbook Michele Rennie Sweet & Maxwell 1984, £15.00

Computer Contracts — An International Guide to Agreements and Software Protection Hilary Pearson Financial training 1984, £14.95     

Medicaid reimbursement of teaching hospitals

This paper examines current Medicaid policies on the reimbursement of hospitals' medical education expenses. These policies are of interest because of the pressure on Medicaid programs to reduce expenditures. Data for the paper come mainly from two sources: a survey of Medicaid programs and a survey of teaching hospitals. Teaching hospitals receive a disproportionate share, nearly 70 percent in 1978, of Medicaid short-term hospital payments. Nevertheless, most Medicaid programs either have no explicit policies in this area or have not acted aggressively to limit reimbursement of hospitals' teaching expenses. Revenues from Medicaid are most important to public teaching hospitals. Thus, across-the-board reductions in Medicaid's reimbursement of teaching expenses would most severely affect public institutions, many of which already face cuts in their local government appropriations. Savings to Medicaid would also be short-lived, since teaching hospitals would have the incentive to reduce teaching program size and substitute reimbursable personnel (nurses and staff physicians) for residents.     

美国信息隐私立法透析

美国法以隐私权作为个人信息保护的权利基础,在公领域,实行分散立法模式;在私领域,美国选择了行业自律模式,在全球个人信息保护立法中产生了巨大的影响。美国制定信息隐私保护政策和法律的基本思路是力求在信息流通和隐私保护之间寻求平衡。信息隐私权是美国信息隐私法上的一个核心概念,它是随着社会对个人信息的保护而产生的,指个人针对其信息所享有决定权、支配权和控制权。     

Book reviews

An Artificial Intelligence Approach to Legal Reasoning Anne Von Der Leith Gardner MIT Press 1987. £20.25

Design—The Modern Law and Practice Ian Morris and Barry Quest Butterworths. 1987. £45

Computers and the Law Richard Mawry and Keith Salmon BSP Professional Books,(Oxford, London, Edinburgh) 1988, £19.95

Television by Satellite—Legal Aspects Stephen de B. Bate (ed.) ESC Publishing Limited. 1987. £32.75.

Computer Software: Legal Protection in the United Kingdom Henry Carr E.S.C. Publishing Ltd 1987, £32.50.

Patents in Chemistry and Biotechnology Philip W Grubb Clarendon Press 1987. £12.50.

The International Handbook on Computer Crime Computer‐related Economic Crime and the Infringements of Privacy Ulrich Sieber John Wiley & Sons 1987. £24.95.

Computer Law: Theory and Practice Naomi Assia Advocate     

Privacy notices versus informational self-determination: Minding the gap

Privacy notices are instruments that intend to inform individuals of the processing of their personal data, their rights as data subjects, as well as any other information required by data protection or privacy laws. The goal of this paper is to clarify the current discourse regarding the (in)utility of privacy notices, particularly in the context of online transactions. The perspective is a European one, meaning that the analysis shall be geared towards the European Data protection framework, particularly the European Data Protection Directive. The paper discusses the role that privacy notices play under the European data protection framework today, summarizes the main critiques regarding the use of privacy notices in practice and develops a number of recommendations.