Data Privacy is about what we share & how we respect others
By suncpo on Sep 11, 2007
There is some talk about data privacy being the reason for the VA killings this past spring or at least the reason for inaction to get the killer help & keep him away from other kids.
I absolutely agree with Commissioner Ann Cavoukian's letter attached below in this chain regarding the role data privacy laws played in the Virgina Tech tragegy & in other similar situations. Data privacy did not stop fiduciaries from action. Legal requirements or policy did not stop permissible sharing of critical data.
Data privacy is about reasoned and intentional sharing of information that adds value or prevents harm. Data privacy--ie sharing-- is how we share our HR data to get paid and to recognize excellence. Data privacy-- ie sharing-- is how we delight our customers with great service and by inventing products and services that solves their problems.
There is also a time, place & reason for policy that helps organizations make sense of legal requirements and tie practices and tools into a system designed to serve and to do no harm.
There is also a time, place and reason for people to use systems that contain information about people with wisdom and discretion. Sometimes those people need to share that data to prevent harm or to actively bring about good.
That's what data privacy is.
I got a little excited here, but please see Ann's letter below.
-------- Original Message --------
Subject: Ann Cavoukian letter to the Washington Post
I applaud Commissioner Ann Cavoukian (original author of this statement deleted to protect his privacy, but I agree.):
The Laws Didn't Fail
Monday, September 10, 2007; Page A14
Regarding Marc Fisher's Sept. 2 Metro column, "When Privacy Laws Do More Harm Than Good":
Privacy forms the basis of liberty. The problem lies not with the laws but with those who fail to disclose needed information when required.
Privacy laws allow for the disclosure of information in cases involving the health and safety of individuals or the risk of serious harm. I issued a fact sheet (see http://www.ipc.on.ca) http:// to clarify this point and identified circumstances when personal information could be disclosed under Ontario's privacy laws, which I oversee. It is similar in other Canadian jurisdictions.
In the United States, both the Health Insurance Portability and Accountability Act and the Family Educational Rights and Privacy Act also permit the sharing of information in situations involving imminent threats to health or safety. For students this could include elements of threatened suicide, other threats or unsafe conduct. The Privacy Act has a provision allowing for disclosure in compelling circumstances.
To infer that privacy protections were responsible for the events at Virginia Tech is to completely misunderstand the role that privacy plays in preserving liberty. The tragedy lies with the default -- in this case, of nondisclosure and inaction -- not with much-needed privacy laws that uphold our rights and freedoms.
Information and Privacy Commissioner
Province of Ontario