Comparing Privacy Impact Assessment Frameworks for Effective Data Protection


Discover various Privacy Impact Assessment (PIA) frameworks like PIA RFID, ICO's PIA, CNIL's PIA, and ISO 29134 that provide guidelines for assessing and mitigating privacy risks. These frameworks offer structured methodologies to identify privacy threats, implement controls, and create action plans for better privacy protection in projects.

  • Privacy
  • Data Protection
  • PIA Frameworks
  • Privacy Impact Assessment
  • Guidelines


Presentation Transcript


  1. Overview of frameworks. Designing for Privacy, Leonardo H. Iwaya, CC-BY-4.0.

  2. PIA Articulation and Systematisation
     PIAs require multiple technical and organizational methods. These methods have to be studied, selected and systematized to create a methodology, i.e., a PIA framework. The slide lays out the PIA process as four phases:
     - Project planning: a new project (or a project change) enters the process; determine if you need a PIA; prepare and plan the PIA.
     - System documentation: describe the project and its data flows.
     - Privacy risk analysis: identify privacy threats; identify controls and countermeasures.
     - Reporting and action plan: prepare and disseminate the PIA report.
     Project changes re-enter the process at the start, alongside new projects.

  3. PIA Frameworks: A Few Examples
     - Privacy and Data Protection Impact Assessment Framework for RFID Applications (PIA RFID), 2011.
     - UK: Conducting privacy impact assessments code of practice, Information Commissioner's Office (ICO), 2014.
     - FR: Privacy Impact Assessment (PIA), Commission nationale de l'informatique et des libertés (CNIL), 2015.
     - ISO/IEC 29134, Information technology, Security techniques, Guidelines for privacy impact assessment, 2017.

  4. PIA Frameworks: PIA RFID
     Privacy and Data Protection Impact Assessment Framework for RFID Applications (PIA RFID), 2011. See also Oetzel, M.C. and Spiekermann, S., 2014. A systematic methodology for privacy impact assessments: a design science approach. European Journal of Information Systems, 23(2), pp. 126-150. The full guideline is the Privacy Impact Assessment Guideline for RFID Applications (Langfassung).

  5. PIA Frameworks: ICO's PIA
     UK: Conducting privacy impact assessments code of practice, Information Commissioner's Office (ICO), 2014 (the UK ICO PIA code of practice).

  6. PIA Frameworks: CNIL's PIA
     FR: Privacy Impact Assessment (PIA), Commission nationale de l'informatique et des libertés (CNIL), 2015 (the CNIL Privacy Impact Assessment manuals).

  7. PIA Frameworks: ISO 29134
     ISO/IEC 29134:2017, Information technology, Security techniques, Guidelines for privacy impact assessment.

  8. Ok, but which one should I use?
     - They are all relatively similar.
     - They all aim for privacy, i.e., a PIA (not merely data protection).
     - Choose and adapt them to your organisation's needs.
     - Engage with your DPA.
     - ISO 29134 definitely shows that we're reaching some level of maturity regarding PIAs.

  9. References
     - Oetzel, C., Spiekermann, S., Grüning, I., Kelter, H. and Mull, S., 2011. Privacy Impact Assessment Guideline for RFID Applications. Bundesamt für Sicherheit in der Informationstechnik (BSI).
     - ICO, 2014. Conducting privacy impact assessments code of practice. Information Commissioner's Office.
     - CNIL, 2015. Privacy Impact Assessment (PIA) Methodology (how to carry out a PIA). Commission nationale de l'informatique et des libertés.
     - ISO/IEC 29134, 2017. Information technology, Security techniques, Guidelines for privacy impact assessment. https://www.iso.org/standard/62289.html
     - Icons and images: Graphiqa Stock (https://www.iconfinder.com/graphiqa)
