Скачать презентацию PRIVACY IMPACT ASSESSMENT PIA Some Approaches Issues and Скачать презентацию PRIVACY IMPACT ASSESSMENT PIA Some Approaches Issues and

22ed1bb7ed1ccea1ff359d38bfbaffed.ppt

  • Количество слайдов: 10

PRIVACY IMPACT ASSESSMENT PIA: Some Approaches, Issues and Examples Blair Stewart Assistant Commissioner Office PRIVACY IMPACT ASSESSMENT PIA: Some Approaches, Issues and Examples Blair Stewart Assistant Commissioner Office of the Privacy Commissioner New Zealand E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 1

What is PIA? n n n Assessment of any actual or potential effects that What is PIA? n n n Assessment of any actual or potential effects that a proposal may have on privacy and the ways in which any adverse effects can be mitigated Not privacy compliance audit Not legal opinion E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 2

When is PIA useful? n n n New technologies Known intrusive technology Major change When is PIA useful? n n n New technologies Known intrusive technology Major change to information systems Where privacy will be affected E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 3

Example topic areas n n n Public health databases Linking of databases Surveillance projects Example topic areas n n n Public health databases Linking of databases Surveillance projects Assigning population numbers New technology in ID applications Data warehouses E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 4

Growth in PIA n n Interest since 1997 Take off 1999+ E-Privacy in the Growth in PIA n n Interest since 1997 Take off 1999+ E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 5

PIAs as regulatory requirement n n Alberta: compulsary in health area Ontario: provincial govt PIAs as regulatory requirement n n Alberta: compulsary in health area Ontario: provincial govt practice NZ Req’d for data matching, sometimes for exemptions Future? Maybe where special permissions are needed, major public projects E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 6

PIA Content n n n n See detailed guidelines Overview Description Data collection, use, PIA Content n n n n See detailed guidelines Overview Description Data collection, use, disclosure Privacy standards, security measures Conclusions, findings, recommendations Sources E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 7

Who might undertake PIA? n n Competent expertise Independent element Some issues: n Mouthpiece/ Who might undertake PIA? n n Competent expertise Independent element Some issues: n Mouthpiece/ advocate or expert? n In-house assessment? E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 8

What happens when PIA complete? n n Integrate into decision-making Public release of findings What happens when PIA complete? n n Integrate into decision-making Public release of findings E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 9

Privacy Impact Assessment Resources n n n Bibligraphy Published guidelines List of PIAs E-Privacy Privacy Impact Assessment Resources n n n Bibligraphy Published guidelines List of PIAs E-Privacy in the New Economy Conference, Hong Kong, 26 March 2001 10