Embed Size (px)
Citation preview
DATA MINING & GRAMA LAWRecords Risks
Thrill of running down a steep hill…
Risks & Challenges
Data Mining/Data Brokers Difficulty protecting personally
identifiable information (PII) Time-Consuming Creation of Records Data Breaches Emails/Social Media/Text Messages Improper Disposition of Records Legal Holds
Government Records Access Management Act
GRAMA: The Government Records Access and Management Act (commonly known as GRAMA) is a comprehensive records law dealing with the management of government records, who is entitled to access those records, the exercise and enforcement of access rights, and the establishment of the State Archives. GRAMA states that it is the responsibility of Utah’s governmental entities and political subdivisions to “establish and maintain an active, continuing program for the economical and efficient management of the governmental entity’s records.”
“In enacting this act, the Legislature recognizes two constitutional rights:
1. the public’s right of access to information concerning the conduct of the public’s business; and
2. the right of privacy in relation to personal data gathered by governmental entities.”
These rights are commonly referred to as:
Right-to-KnowRight-to-Privacy
Definitions•Record Series•Retention Schedule•Classifications –
• Public• Private• Protected• Controlled• Exempt
•Electronically Stored Information (ESI)
Records are defined in terms of their function, not format. The most important aspect in identifying a record is the content.
What is Data Mining?• Generally, data mining (sometimes called data or knowledge
discovery) is the process of analyzing data from different perspectives & summarizing it into useful information – information that can be used to increase revenue, cut costs, or both.
• Data – are any facts, numbers, or texts that can be processed by a computer.
• The patterns, associations, or relationships among all the data can provide information.
• Information can be converted into knowledge about historical patterns, and future trends.
• Create data warehouses --- (Data Brokers)• In a nutshell – data (information/knowledge) = revenue & power
• Information =
Governmental entities are viewed as informational repositories
Can you see any possible risks by
providing this information en
masse?
Risks/Problems
1) Retention
2) Classification
3) Creation of Records
4) Privacy (At-Risk Individuals)
5) Costs
6) Abuse
Creation of Records• A governmental entity, in response to a records request, is not required to: “(i) create a record; (ii) compile, format, manipulate, package, summarize, or tailor information; [or] (iii) provide a record in a particular format, medium, or program not currently maintained by the governmental entity ….” See Utah Code Ann. §63G-2-201(8)(a).
Information Management Magazine – “The definition that is most relevant to RIM is that privacy is the right for a ‘living and identifiable’ individual to have some control over the collection, storage, and disclosure of his or her personal information held by governmental agencies, financial institutions, and other public and private entities.”
“These new modes for creating, capturing, and storing data have had unimagined and serious implications for managing records’ privacy, as evidenced by the increasing occurrences of privacy-related lawsuits against high-profile governmental and private entities around the globe for failing to comply with privacy legislation.”
by Cherri-Ann Beckles
(OECD) Organization for Economic Co-operation & Development Guidelines state that -
• Personal information must be:
• Collected fairly and lawfully• Used only for the purpose specified during collection• Adequate, relevant, and not excessive to that purpose• Accurate and up-to-date• Accessible• Kept Secure• Subject to disposal after the purpose is completed
Imaginary Dossier
• Brandon J. Onymous• Address: 228 Happy Way, Ogden, Utah 84086• Phone: 801-333-4444 (w) 801-222-1111(c) 801-444-5555(h)• [email protected] • Birthdate: 3/16/1956• Wife: Bertha Lee Onymous married: 6/29/1979 • Registered Republican voter• Remodeled home – added a family room 2012 (details)• Has a dog named Lassie (golden retriever) 6 years old• Brought in a troublesome neighborhood cat to shelter 2013• Owns a vacation home (details)• Weber County is holding unclaimed funds • Signed a “count my vote” petition
• 911 call when his son had an altercation with a neighbor 8 months ago• Has received three traffic citations in the past ten years• Home
• Value • Property characteristics – year built, roof, siding, sq. footage, # bedrooms,
pool, etc. (photo & sketch)• Taxes (amount due, delinquent, etc.) pays his taxes himself & hasn’t paid
last year’s taxes yet.• Year purchased, purchase price, Deed, refinanced, etc.
Solutions?• Informed Public•Ensure Records Officer & other staff are adequately trained
•Policies in Place•Legislation
• Pay attention to bills being promoted (privacy bills have not been popular)
• Communicate with Legislators/Legislation
Let’s meet the challenge
Questions ?
