The Value in Conducting a Privacy Impact Assessment

Rachael Gallagher
Senior Policy Officer
2 December 2014
Introduction
• What is a PIA?
• What is Privacy?
• What are the benefits?
• What types of projects?
• Who should be responsible?
Code of Practice
Privacy by design
From Handbook to Code of Practice
The PIA process
Consultation
1. Identify need for a PIA
2. Describe information flows
3. Identify privacy risks
4. Identify privacy solutions
5. Record PIA outcomes, and sign-off
6. Integrate PIA outcomes into project plan
Consultation
Internal stakeholders
• Project board
• Engineers, developers
• IT
• Procurement
• Suppliers / data processors
• Comms team
• Frontline staff
• Corporate Governance
• Senior management
External stakeholders
• End users
• Data subjects
• Representative groups
• Interest groups
• General public
• Regulators
The PIA process
1. Identify need for a PIA
• Establish objectives, outcomes and outputs early
• Screening questions
• Management support
The PIA process
2. Describe information flows
• Types of personal data
• Use of those data
• Information asset register
• Data controller?
The PIA process
3. Identify privacy risks
• Risk management tools/methodology
• ICO guidance
• Other standards and guidance
• Types of risk
– Individuals
– Compliance
– Corporate
The PIA process
4. Identify privacy solutions
• Accept
• Reduce
• Eliminate
The PIA process
5. Record PIA outcomes, and sign-off
• Document status of each risk
• Determine solutions
• Record reasons
• Sign-off
• Publication
The PIA process
6. Integrate PIA outcomes into project plan
• Recommendations integrated into project plan
• Review PIA at key stages
• Final evaluations
Conclusions
• Way of complying with data protection obligations
• Method of Good Practice
• Can reduce costs
• Publish where appropriate
• Promotes trust
Keep in touch
Information Commissioner’s Office
3rd Floor,
14 Cromac Place,
Gasworks,
Belfast BT7 2JB.
Tel: 028 90278757 / 0303 123 1114
Email: ni@ico.org.uk
Subscribe to our e-newsletter at www.ico.org.uk
or find us on…
www.twitter.com/iconews