Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August.

Similar presentations


Presentation on theme: "Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August."— Presentation transcript:

1 Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August 2009

2 Information Commissioner’s Office Regulatory Authority –DPA, PECR; FoI; EIR Role of the Regional Offices –Cardiff, Belfast, Edinburgh –Enquiries –Stakeholder engagement –Input Scottish dimension to ICO

3 Privacy by Design?

4 Privacy by Design: Context Recognised gap in development and adoption of privacy-friendly systems; Lack of public trust and confidence; Report launch – Nov’ ’08; Ensure ‘privacy’ is always on the agenda; Privacy and data protection compliance designed into systems at the outset.

5 Privacy by Design: Defining Privacy Webster’s Dictionary: Privacy is: The quality or state of being hidden from, or undisturbed by, the observation or activities of other persons and freedom from undesirable intrusions.

6 Privacy by Design: Why do a PIA? To identify privacy risks to individuals; To identify privacy and DP compliance liabilities for your organisation; To protect your reputation. To instil public trust and confidence in your organisation; To avoid expensive, inadequate “bolt- on” solutions; To inform your communications strategy; Enlightened self-interest!

7 Privacy by Design: When to do a PIA? At the start, when: –the project is being designed; –you know what you want to do; –you know how you want to do it; and –you know who else is involved... …but certainly before: –decisions are set in stone; –you have procured systems; –you have signed contracts; and –while you can still change your mind!

8 Privacy by Design: How to do a PIA? Initial assessment Full-scale PIA Small-scale PIA Privacy law compliance check Data protection compliance check Review and redo!

9 Privacy by Design: Initial Assessment Prepare a project outline Identify stakeholders Look at other PIAs Look at studies on the technology and processes Decide the appropriate level of assessment

10 Privacy by Design: Full-scale PIA 5 Phases: –Preliminary work –Preparation –Consultation/analysis –Conclusions –Review

11 Privacy by Design: Small-scale PIA 5 Phases: (less formal) –Preliminary work (more specific) –Preparation (just as important!) –Consultation/analysis (less exhaustive) –Conclusions (part of a process) –Review

12 Privacy by Design: Compliance Privacy Law: –Vires –HRA; PECR; Law of Confidence –Statutory prohibitions Data Protection: –DP Principles –Schedule Conditions –Exemptions

13 Privacy by Design: Key Points The PIA is a process to consider privacy risk; It may not be appropriate in all cases; It can be incorporated into the organisation’s current risk strategy or it can be stand-alone; New and more manageable guidance!!

14 Hanover Street Edinburgh EH2 1DJ


Download ppt "Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August."

Similar presentations


Ads by Google