https://www.heise.de/news/Datenschutz-DSGVO-Zertifizierung-kommt-2022-6278967.html
AWS GDPR compliance whitepaper: Navigating GDPR Compliance on AWS
daten:recht: DSGVO: Setzen Unternehmensbussen den Nachweis der Pflichtverletzung durch eine natürliche Person voraus?
Best Practices: „Fernwartung in der Gesundheitsversorgung“ (bvitg)
Germany – DPIA example: Microsoft 365 (PWC)
Die von pwc durchgeführte Datenschutzfolgenabschätzung des Kultusministeriums Baden-Württemberg zu Microsoft 365.
https://fragdenstaat.de/anfrage/datenschutzfolgeabschatzungen/644906/anhang/DSFA_und_Anlagen.zip
BfArM: AI in Medical Devices and Digital Healthcare Applications – the BfArM perspective (presentation)
Dr. W. Lauer at Joint HMA/EMA Workshop on Artificial Intelligence in Medicines Regulation – 19-20 April 2021
FDA site: Artificial Intelligence and Machine Learning in Software as a Medical Device
includes
“The U.S. Food and Drug Administration (FDA) issued the “Artificial Intelligence/Machine Learning (AI/ML)-Based Software as a Medical Device (SaMD) Action Plan” from the Center for Devices and Radiological Health’s Digital Health Center of Excellence.”
https://www.fda.gov/media/145022/download
“The discussion paper used the term Good Machine Learning Practice, or GMLP, to describe a set of AI/ML best practices (e.g., data management, feature extraction, training, interpretability, evaluation and documentation) that are akin to good software engineering practices or quality system practices.
Development and adoption of these practices is important not only for guiding the industry and product development, but also for facilitating oversight of these complex products, through manufacturer’s adherence to well established best practices and/or standards. There have been many efforts to date to
describe standards and best practices that could comprise GMLP, including those mentioned below. Stakeholders generally provided strong support for the idea and importance of GMLP. Additionally, there was a request for FDA to encourage harmonization of the numerous efforts to develop GMLP, including through consensus standards efforts, leveraging already-existing workstreams, and involvement of other communities focused on AI/ML. [..]
In summary, as part of this Action Plan, the Agency is highlighting the following intended actions and
goals:
- Develop an update to the proposed regulatory framework presented in the AI/ML-based SaMD discussion paper, including through the issuance of a Draft Guidance on the Predetermined Change Control Plan.
- Strengthen FDA’s encouragement of the harmonized development of Good Machine Learning Practice (GMLP) through additional FDA participation in collaborative communities and consensus standards development efforts.
- Support a patient-centered approach by continuing to host discussions on the role of transparency to users of AI/ML-based devices. Building upon the October 2020 Patient Engagement Advisory Committee (PEAC) Meeting focused on patient trust in AI/ML technologies, hold a public workshop on medical device labeling to support transparency to users of AI/ML-based devices.
- Support regulatory science efforts on the development of methodology for the evaluation and improvement of machine learning algorithms, including for the identification and elimination of bias, and on the robustness and resilience of these algorithms to withstand changing clinical inputs and conditions.
- Advance real-world performance pilots in coordination with stakeholders and other FDA programs, to provide additional clarity on what a real-world evidence generation program could look like for AI/ML-based SaMD.
” [quoted from action plan above]
“The FDA’s Center for Devices and Radiological Health (CDRH) is considering a total product lifecycle-based regulatory framework for these technologies that would allow for modifications to be made from real-world learning and adaptation, while ensuring that the safety and effectiveness of the software as a medical device are maintained.”
Also: List of Artificial Intelligence and Machine Learning (AI/ML)-Enabled Medical Devices
https://www.fda.gov/medical-devices/software-medical-device-samd/artificial-intelligence-and-machine-learning-aiml-enabled-medical-devices
Paper: What costs should we expect from the EU’s AI Act?
What costs should we expect from the EU’s AI Act?
AUTHORS: Meeri HaatajaJoanna J. Bryson
https://osf.io/preprints/socarxiv/8nzb4/
LfDI BW: Whistleblowing slide deck
Datenschutz bei internen Ermittlungen und Hinweisgebersystemen
(Präsentationen der BvD-Herbstkonferenz Datenschutz und Behördentag 2021)
Fides: Privacy taxonomy
“Fides (fee-dhez, Latin: Fidēs) is an open-source tool that allows you to easily declare your systems’ privacy characteristics, track privacy related changes to systems and data in version control, and enforce policies in both your source code and your runtime infrastructure.”
https://github.com/ethyca/fides
with syntax at https://ethyca.github.io/fides/language/syntax/
e.g. “user.provided.identifiable.contact.phone_number”
and a handy *Taxonomy Explorer” at https://ethyca.github.io/fides/language/taxonomy/explorer/
– using Data Categories, Data Uses, Data Subjects and Data Qualifiers
Also overview article at IAPP at https://iapp.org/news/a/privacy-as-code-a-new-taxonomy-for-privacy