PHRs (Personal Health Records) store individuals’ personal health information. Access to this data is controlled by the patient, rather than by the health care provider. Companies such as Google and Microsoft are establishing a leadership position in this emerging market. In this context, the need for psychological acceptability in privacy and security protection mechanisms is essential. Any pr...

Using personal mobile devices for work gave rise to a trend called “bring your own device”, or BYOD. BYOD brings a productivity boost for employees, but also headaches for employers: on the one hand, the business has a legitimate interest in monitoring the device, in order to prevent security breaches by employees; but on the other hand, employees have a reasonable expectation of privacy when t...

We investigate the consequences of imperfect data privacy on information acquisition of personal health data. In a game of persuasion with ex-ante symmetric information players decide on whether or not to acquire and reveal information about their personal health status to convince a decision maker to interact. We contrast three institutional settings: automatic dissemination of acquired inform...

People are limited in their resources, i.e. they have limited memory capabilities, cannot pay attention to too many things at the same time, and forget much information after a while; computers do not suffer from these limitations. Thus, revealing personal data in electronic communication environments and being completely unaware of the impact of privacy might cause a lot of privacy issues late...

P rivacy lobbyists and advocates have named privacy surrounding health information, mobility, and genetic information as some of the most significant issues of our time. Financial and behavioral privacy are also at stake. Even as governments around the world offer services requiring that our personal data be moved online and prepare to upgrade systems to share data among multiple agencies, priv...

T study seeks to clarify the nature of control in the context of information privacy to generate insights into the effects of different privacy assurance approaches on context-specific concerns for information privacy. We theorize that such effects are exhibited through mediation by perceived control over personal information and develop arguments in support of the interaction effects involving...

Privacy has been a concern for humans long before the explosive growth of the Internet. The advances in information technologies have further increased these concerns. This is because the increasing power and sophistication of computer applications offers both tremendous opportunities for individuals, but also significant threats to personal privacy. Autonomous agents and Multi-agent Systems ar...

This paper describes issues and requirements related to privacy management as an aspect of improved governance in enterprises. It focuses on the privacy enforcement aspect, in particular related to privacy-aware access control and enforcement of privacy obligations: this is still a green field and, at the same time, is a key aspect to be taken into account to ensure compliance both with regulat...

ABSTRACT We make the case for an integrated approach to privacy management within organisations. Current approaches to privacy management are either too high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or too low-level, focusing only on the technical implementation of access controls to personal data held by an enterprise. High-level approaches...