
IBM Systems Journal

Compliance Management   Volume 46, Number 2, 2007

Compliance with data protection laws using Hippocratic Database active enforcement and auditing - References

by C. M. Johnson and T. W. A. Grandison

Cited references

  1. D. Solove, The Digital Person, NYU Press, New York (2004).
  2. R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, “Hippocratic Databases,” Proceedings of the 28th International Conference on Very Large Databases, Morgan Kaufmann Publishers, San Francisco, CA (2002), pp. 143–154.
  3. K. LeFevre, R. Agrawal, V. Ercegovac, R. Ramakrishnan, Y. Xu, and D. DeWitt, “Limiting Disclosure in Hippocratic Databases,” Proceedings of the 30th International Conference on Very Large Databases, Morgan Kaufmann Publishers, San Francisco, CA (2004), pp. 108–119.
  4. R. Agrawal, R. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau, and R. Srikant, “Auditing Compliance with a Hippocratic Database,” Proceedings of the 30th International Conference on Very Large Databases, Morgan Kaufmann Publishers, San Francisco, CA (2004), pp. 516–527.
  5. Report to the President, Revolutionizing Health Care Through Information Technology, President's Information Technology Advisory Committee (June 2004), http://www.nitrd.gov/pitac/meetings/2004/20040617/20040615_hit.pdf.
  6. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data, Official Journal of the European Communities of 23 November 1995 No L. 281 p. 31, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML.
  7. Personal Information Protection and Electronic Documents Act, Statutes of Canada, Second Session, Thirty-sixth Parliament, 48–49 Elizabeth II, 1999–2000 (2000), http://laws.justice.gc.ca/en/P-8.6/text.html.
  8. Personal Information Protection Act, Law 57 of 2003, Japan, http://www5.cao.go.jp/seikatsu/kojin/foreign/act.pdf.
  9. Privacy Act 1988, Act No. 119 of 1988 as amended, Commonwealth of Australia, http://www.privacy.gov.au/publications/privacy88_030706.pdf.
  10. Personal Data Protection Act, Act 25, 326, enacted October 4, 2000, Argentine Republic, http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-63297.
  11. OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, adopted September 23, 1980, Organisation for Economic Co-operation and Development, http://www.oecd.org/document/18/0,2340,en_2649_201185_1815186_1_1_1_1,00.html.
  12. Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, 104th Congress of the United States of America, http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/HIPAALaw.pdf.
  13. Gramm-Leach-Bliley Financial Services Modernization Act of 1999, 15 U.S.C. §§ 6801-6809 (Disclosure of Nonpublic Personal Information).
  14. Fair Credit Reporting Act, 15 U.S.C. § 1681, et seq., http://www.ftc.gov/os/statutes/031224fcra.pdf.
  15. Privacy of Consumer Financial and Health Information Regulation, State of Vermont, Department of Banking, Insurance, Securities & Health Care Administration, Banking Division, Regulation B-2001-01 (2001), http://www.bishca.state.vt.us/RegsBulls/bnkregs/REG_B2001_01.pdf.
  16. California Financial Information Privacy Act, Financial Code §§ 4050–4060, http://www.leginfo.ca.gov/cgi-bin/displaycode?section=fin&group=04001-05000&file=4050-4060.
  17. California Civil Code § 1798.82, http://www.leginfo.ca.gov/cgi-bin/displaycode?section=civ&group=01001-02000&file=1798.80-1798.84.
  18. Safe Harbor Privacy Principles, United States Department of Commerce, http://www.export.gov/safeharbor/.
  19. IBM Hippocratic Database Active Enforcement User Guide, Version 1.0, IBM Corporation, http://www.almaden.ibm.com/software/projects/iis/hdb/Publications/papers/HDBEnforcementUserGuide.pdf.
  20. R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, “An XPath-Based Preference Language for P3P,” Proceedings of the 12th International World Wide Web Conference, ACM Press, NY (2003), pp. 629–639.
  21. A. Nanda and D. K. Burleson, Oracle Privacy and Security Auditing, Rampant TechPress, USA (2003).
  22. Standards for Privacy of Individually Identifiable Health Information, United States Department of Health and Human Services, 45 CFR Parts 160 and 164, http://www.hhs.gov/ocr/combinedregtext.pdf.
  23. IBM Hippocratic Database Auditing: User Guide, Version 1.0, IBM Corporation, http://www.almaden.ibm.com/software/projects/iis/hdb/Publications/papers/HDBAuditingUserGuide.pdf.
  24. R. Snodgrass, S. Yao, and C. Collberg, “Tamper Detection in Audit Logs,” Proceedings of the 30th International Conference on Very Large Databases, Morgan Kaufmann Publishers, San Francisco, CA (2004), pp. 504–515.
  25. Implementing a Trusted Information Sharing Environment: Using Immutable Audit Logs to Increase Security, Trust and Accountability, Markle Foundation (February 2006).
  26. G. Miklau and D. Suciu, “A Formal Analysis of Information Disclosure in Data Exchange,” Proceedings of the ACM SIGMOD International Conference on Management of Data, ACM Press, New York (2004), pp. 575–586.

