Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August.

Published byCarl Estes Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August."— Presentation transcript:

1 Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August 2009

2 Information Commissioner’s Office Regulatory Authority –DPA, PECR; FoI; EIR Role of the Regional Offices –Cardiff, Belfast, Edinburgh –Enquiries –Stakeholder engagement –Input Scottish dimension to ICO

3 Privacy by Design?

4 Privacy by Design: Context Recognised gap in development and adoption of privacy-friendly systems; Lack of public trust and confidence; Report launch – Nov’ ’08; Ensure ‘privacy’ is always on the agenda; Privacy and data protection compliance designed into systems at the outset.

5 Privacy by Design: Defining Privacy Webster’s Dictionary: Privacy is: The quality or state of being hidden from, or undisturbed by, the observation or activities of other persons and freedom from undesirable intrusions.

6 Privacy by Design: Why do a PIA? To identify privacy risks to individuals; To identify privacy and DP compliance liabilities for your organisation; To protect your reputation. To instil public trust and confidence in your organisation; To avoid expensive, inadequate “bolt- on” solutions; To inform your communications strategy; Enlightened self-interest!

7 Privacy by Design: When to do a PIA? At the start, when: –the project is being designed; –you know what you want to do; –you know how you want to do it; and –you know who else is involved... …but certainly before: –decisions are set in stone; –you have procured systems; –you have signed contracts; and –while you can still change your mind!

8 Privacy by Design: How to do a PIA? Initial assessment Full-scale PIA Small-scale PIA Privacy law compliance check Data protection compliance check Review and redo!

9 Privacy by Design: Initial Assessment Prepare a project outline Identify stakeholders Look at other PIAs Look at studies on the technology and processes Decide the appropriate level of assessment

10 Privacy by Design: Full-scale PIA 5 Phases: –Preliminary work –Preparation –Consultation/analysis –Conclusions –Review

11 Privacy by Design: Small-scale PIA 5 Phases: (less formal) –Preliminary work (more specific) –Preparation (just as important!) –Consultation/analysis (less exhaustive) –Conclusions (part of a process) –Review

12 Privacy by Design: Compliance Privacy Law: –Vires –HRA; PECR; Law of Confidence –Statutory prohibitions Data Protection: –DP Principles –Schedule Conditions –Exemptions

13 Privacy by Design: Key Points The PIA is a process to consider privacy risk; It may not be appropriate in all cases; It can be incorporated into the organisation’s current risk strategy or it can be stand-alone; New and more manageable guidance!!

14 www.ico.gov.uk 93-95 Hanover Street Edinburgh EH2 1DJ scotland@ico.gsi.gov.uk 0131 301 5071

Download ppt "Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August."

Similar presentations

ONS Research Data Access Strategy AGENDA Background and context Confidentiality The Strategy.

ONS Research Data Access Strategy AGENDA Background and context Confidentiality The Strategy.
London Public Health Transition Delivery Board

London Public Health Transition Delivery Board
The Department of Energy Enterprise Risk Management Model

The Department of Energy Enterprise Risk Management Model
‘Working together to improve mental health’ The Lancashire Mental Health and Social Care Partnership Board Made up of representation from Local Authorities,

‘Working together to improve mental health’ The Lancashire Mental Health and Social Care Partnership Board Made up of representation from Local Authorities,
SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Overview and Purpose of Market.

SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Overview and Purpose of Market.
Getting data sharing right for every child

Getting data sharing right for every child
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Philip M. J. Graham Head of Information Communications Technology (ICT) 13 th July 2010.

Philip M. J. Graham Head of Information Communications Technology (ICT) 13 th July 2010.
Big Data and data protection

Big Data and data protection
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.

© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
OAG Office of the Auditor-General Promoting Accountability in the Public Sector Using Audit to Oversee Public Procurement Edward Ouko Auditor-General Kenya.

OAG Office of the Auditor-General Promoting Accountability in the Public Sector Using Audit to Oversee Public Procurement Edward Ouko Auditor-General Kenya.
Getting it right for e ery child  www.scotland.gov.uk/gettingitright Children & Young People (Scotland) Act 2014 Briefing on GIRFEC Provisions Scottish.

Getting it right for e ery child  Children & Young People (Scotland) Act 2014 Briefing on GIRFEC Provisions Scottish.
The Value in Conducting a Privacy Impact Assessment

The Value in Conducting a Privacy Impact Assessment
Transparency in Public Administration – FOI and EIR

Transparency in Public Administration – FOI and EIR
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
How the Information Commissioner’s office operates as a regulator David Smith Deputy Information Commissioner.

How the Information Commissioner’s office operates as a regulator David Smith Deputy Information Commissioner.
Who we are and what we do An introduction to the Information Commissioner’s Office.

Who we are and what we do An introduction to the Information Commissioner’s Office.
Data Sharing and Good Practice Maureen H Falconer Sr Policy Officer Information Commissioner’s Office.

Data Sharing and Good Practice Maureen H Falconer Sr Policy Officer Information Commissioner’s Office.
The Heart of the Matter: supporting family contact for fostered children.

The Heart of the Matter: supporting family contact for fostered children.

Similar presentations

Ads by Google