Privacy policies and practices: inside the organizational maze
Communications of the ACM
Personalized hypermedia and international privacy
Communications of the ACM - The Adaptive Web
Privacy of medical records: IT implications of HIPAA
ACM SIGCAS Computers and Society
Unpacking "privacy" for a networked world
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Patient Privacy in Electronic Prescription Transfer
IEEE Security and Privacy
Web Privacy with P3p
Privacy policies as decision-making tools: an evaluation of online privacy notices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Personalizing the user experience on ibm.com
IBM Systems Journal
Inside JetBlue's Privacy Policy Violations
IEEE Security and Privacy
Enabling Video Privacy through Computer Vision
IEEE Security and Privacy
Human-Computer Interaction
Designing natural language and structured entry methods for privacy policy authoring
INTERACT'05 Proceedings of the 2005 IFIP TC13 international conference on Human-Computer Interaction
Usable security and privacy: a case study of developing privacy management tools
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Usable privacy and security for personal information management
Communications of the ACM - Personal information management
Evaluating interfaces for privacy policy rule authoring
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
How ordinary internet users can have a chance to influence privacy policies
Proceedings of the 4th Nordic conference on Human-computer interaction: changing roles
Looking for trouble: understanding end-user security management
Proceedings of the 2007 symposium on Computer human interaction for the management of information technology
An Organizational View of Pervasive Computing
Social Science Computer Review
Expandable grids for visualizing and authoring computer security policies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Evaluating assistance of natural language policy authoring
Proceedings of the 4th symposium on Usable privacy and security
A service science perspective for interfaces of online service applications
Proceedings of the VIII Brazilian Symposium on Human Factors in Computing Systems
A framework for culturally adaptive policy management in ad hoc collaborative contexts
Proceedings of the 2009 international workshop on Intercultural collaboration
A Formal Privacy Management Framework
Formal Aspects in Security and Trust
Exploring Employee Perspectives on Information Privacy and Security in the Mobile Environment
Proceedings of the Symposium on Human Interface 2009 on ConferenceUniversal Access in Human-Computer Interaction. Part I: Held as Part of HCI International 2009
Soramame: what you see is what you control access control user interface
Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Usability challenges in security and privacy policy-authoring interfaces
INTERACT'07 Proceedings of the 11th IFIP TC 13 international conference on Human-computer interaction - Volume Part II
Privacy-aware role-based access control
ACM Transactions on Information and System Security (TISSEC)
Optimizing a policy authoring framework for security and privacy policies
Proceedings of the Sixth Symposium on Usable Privacy and Security
Analysis of privacy and security policies
IBM Journal of Research and Development
Policy framework for security and privacy management
IBM Journal of Research and Development
On the roles of policies in computer systems management
International Journal of Human-Computer Studies
A Galois lattice approach to a context-aware privacy negotiation service
Expert Systems with Applications: An International Journal
Keeping Found Things Found: The Study and Practice of Personal Information Management: The Study and Practice of Personal Information Management
Relating declarative semantics and usability in access control
Proceedings of the Eighth Symposium on Usable Privacy and Security
International Journal of Information Security and Privacy
Consistency checking in privacy-aware access control
Proceedings of the 51st ACM Southeast Conference
| Hi-index | 0.00 |
As information technology continues to spread, we believe that there will be an increasing awareness of a fundamental need to address privacy concerns, and that doing so will require an understanding of policies that govern information use accompanied by development of technologies that can implement such policies. The research reported here describes our efforts to design a system which facilitates privacy policy authoring, implementation, and compliance monitoring. We employed a variety of user-centered design methods with 109 target users across the four steps of the research reported here. This case study highlights the work of identifying organizational privacy requirements, iteratively designing and validating a prototype with target users, and conducting laboratory tests to guide specific design decisions to meet the needs of providing flexible privacy enabling technologies. Each of the four steps in our work is identified and described, and directions for future work in privacy are suggested.