Suchergebnisse

Regulatory capture generally evokes negative images of private interests exerting excessive influence on government action to advance their own agendas at the expense of the public interest. There are some cases, however, where this conventional wisdom is exactly backwards. This Article explores the first verifiable case, taken from healthcare cybersecurity, where regulatory capture enabled regulators to harness private expertise to advance exclusively public goals. Comparing this example to other attempts at harnessing industry expertise reveals a set of characteristics under which regulatory capture can be used in the public interest: (1) legislatively mandated adoption of recommendations by an advisory committee comprising private interests and "reduced-bias" subject matter experts; (2) relaxed procedural constraints for committee action to prevent internal committee capture; and (3) opportunities for committee participation to be worthwhile for representatives of private parties beyond the mere opportunity to advance their own interests. This Article presents recommendations based on those characteristics as to how and when legislatures may endeavor to replicate this success in other industries to improve both the legitimacy and efficacy of the regulatory process.

Regulatory capture generally evokes negative images of private interests exerting excessive influence on government action to advance their own agendas at the expense of the public interest. There are some cases, however, where this conventional wisdom is exactly backwards. This Article explores the first verifiable case, taken from healthcare cybersecurity, where regulatory capture enabled regulators to harness private expertise to advance exclusively public goals. Comparing this example to other attempts at harnessing industry expertise reveals a set of characteristics under which regulatory capture can be used in the public interest: (1) legislatively mandated adoption of recommendations by an advisory committee comprising private interests and "reduced-bias" subject matter experts; (2) relaxed procedural constraints for committee action to prevent internal committee capture; and (3) opportunities for committee participation to be worthwhile for representatives of private parties beyond the mere opportunity to advance their own interests. This Article presents recommendations based on those characteristics as to how and when legislatures may endeavor to replicate this success in other industries to improve both the legitimacy and efficacy of the regulatory process.

Current scholarly understanding of information security regulation in the United States is limited. Several competing mechanisms exist, many of which are untested in the courts and before state regulators, and new mechanisms are being proposed on a regular basis. Perhaps of even greater concern, the pace at which technology and threats change far outpaces the abilities of even the most sophisticated regulators.My Ph.D. dissertation focuses on understanding these laws - how we can classify them, what effects they have, and what are the implications of these effects for organizations and professionals. I explore these concepts through a mixed methods approach, utilizing both qualitative semi-structured interviews and quantitative data on breach incidence. The qualitative interviews inform the development of my hypothesis in addition to providing a basis for empirical analysis. The quantitative data is limited, but promising both in results and in the potential for the future analysis. In this Dissertation, I report preliminary results as to the effect certain of certain laws on information security practices. I develop a system for classifying information security regulation, and develop hypotheses as to the effect certain types of regulation have on organizations and information security professionals.Two notable conclusions result. First, the combination of Security Breach Notification (SBN) laws and management-based "regulatory delegation" models together is better at preventing breaches of personal information by organizations in the United States than is either model alone. Second, compliance-oriented prescriptive legislation such as SBNs weakens the role of security professionals within organizations, while management-based regulatory delegation models such as the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Financial Modernization Act (GLBA) strengthen the role of professionals within organizations.

Communities of Learning Practice is an innovative paradigm focused on providing appropriate technological support to both formal and especially informal learning groups who are chiefly formed by non-technical people and who lack of the necessary resources to acquire such systems. Typically, students who are often separated by geography and/or time have the need to meet each other after classes in small study groups to carry out specific learning activities assigned during the formal learning process. However, the lack of suitable and available groupware applications makes it difficult for these groups of learners to collaborate and achieve their specific learning goals. In addition, the lack of democratic decision-making mechanisms is a main handicap to substitute the central authority of knowledge presented in formal learning. From the literature, the provision of specific support to informal collaborative learning has, to the best of our knowledge, been little investigated. To fill this gap, we present an ongoing work that will result in a democratic web-based groupware learning system especially designed to provide support for informal collaborative learning over the Internet. Moreover, an important purpose of this software is to provide advanced mechanisms of information management from the group activity for its further use in extracting and providing effective knowledge on interaction behavior. Indeed, this issue represents a fundamental requirement for current collaborative learning environments in order to adequately regulate the learning process as well as to enhance learning groupâ¿¿s participation by means of providing appropriate awareness and feedback. In this paper, we describe the main guidelines that conducted the requirements and design of this application as well as introduce the underlying groupware platform, called CoPE, that provides the essential functional support for democratic groupware.