pia is a process
play

PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0 - PowerPoint PPT Presentation

May 26, 2023 •23 likes •103 views

PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0 What is Data Protection Impact Assesment? Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and

  1. PIA is a Process Designing for Privacy Leonardo H. Iwaya CC-BY-4.0

  2. What is Data Protection Impact Assesment? • ” Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data. ” – Art. 35 GDPR.

  3. What is Privacy Impact Assesment? • ”A privacy impact assessment (PIA) is an instrument for assessing the potential impacts on privacy of a process, information system, programme, software module, device or other initiative which processes personally identifiable information (PII) and, in consultation with stakeholders , for taking actions as necessarily in order to treat privacy risk.” – ISO/IEC 29134:2017.

  4. Who benefits from PIAs? They do: • Your customers and general public – because you are looking out for their privacy interests • Your organisation – because you demonstrate to your employees and contractors that you take privacy seriously and expect them to the same • The regulators – because when you carry out a proper PIA you clarify your project information dealings, making their work easier

  5. Who benefits from PIAs? Not sure yet? • A PIA helps to reduce costs in management time, legal expenses and potential negative media (i.e., PR also likes it) • A PIA helps to demonstrate compliance as an element of accountability • A PIA enhances informed decision-making and exposes internal communication gaps or hidden assumptions • A PIA helps to avoid privacy pitfalls of a project • And, well... it might be mandatory...

  6. How do you do PIA? • ”[PIA] is a process which should begin at the earliest possible stages, when there are still opportunities to influence the outcome of a project. It is a process that should continue until and even after the project has been deployed.” – David Wright The state of art in PIA (2012)

  7. How do you do PIA? “While each project is 1. Conduct a threshold 2. Plan the PIA 3. Describe the project assessment Prepare a ‘big picture’ description Consider how detailed the PIA different, a PIA should Work out the extent to which the will be, who will conduct it, who of what the project will deliver generally include the project will benefit from a PIA. needs to be consulted, when it and what it will achieve, why it is Generally, if personal information needs to be delivered, and needed, timeframes, and any following steps:” is involved in the project, a PIA whether the PIA Report will be links to existing projects. This will will be necessary. published and if so, in what provide context for the PIA – OIC Queensland format. process. Overview of the Privacy Impact 4. Identify and consult with 5. Map the personal 6. Identify the privacy issues Assessment process (2017) stakeholders information flow Compare the project’s personal Identify who has an interest in or Describe how personal information handling practices is affected by the project, the information will be collected, against the privacy obligations level of consultation warranted by stored, used and disclosed in the set out in the [GDPR] to identify the project and how the project from beginning to end. any privacy issues. consultation will be conducted. 7. Identify options to address 8. Prepare the PIA Report 9. Action the agency's the privacy issues response to the PIA Report Provide a report that sets out the Consider what options will information gathered throughout Incorporate the tasks necessary address the privacy issues. If the PIA and its findings to the to action the agency's response there are multiple options, relevant governance body for to the PIA Report into the wider evaluate the cost, risk and approval. project management process. benefit of each option to identify the most appropriate option.

  8. References • EU GDPR, 2017. Article 35 EU GDPR ”Data protection impact assessment” . (http://www.privacy-regulation.eu/en/35.htm) • ISO/IEC 29134, 2017. Information technology – Security techniques – Guidelines for privacy impact assessment . (https://www.iso.org/standard/62289.html) • Wright, D., 2012. The state of the art in privacy impact assessment . Computer Law & Security Review , 28(1), pp.54-61. • Clarke, R., 2009. Privacy impact assessment: Its origins and development. Computer law & security review , 25(2), pp.123-135. • OIC, 2017. Overview of the Privacy Impact Assessment (PIA) process . (https://www.oic.qld.gov.au/guidelines/for-government/guidelines-privacy- Icons and Images Graphiqa Stock ( https://www.iconfinder.com/graphiqa ) principles/privacy-compliance/overview-privacy-impact-assessment-process) Vectto ( https://www.iconfinder.com/vectto ) Alla Afanasenko ( https://www.iconfinder.com/alla.afanasenko )

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Last class: Process Creation Today: Process Management 2 Process Description 3

1 Last class: Process Creation Today: Process Management 2 Process Description 3

1 Last class: Process Creation Today: Process Management 2 Process Description 3 Process State What do we need to track about a process? 4 Process Control Block Main Memory (RAM) Process id OS Program Counter Other

888 views • 40 slides
Process Life Cycle Virtualizing the CPU OS keeps a PCB for each process It has space to hold a

Process Life Cycle Virtualizing the CPU OS keeps a PCB for each process It has space to hold a

Process Life Cycle Virtualizing the CPU OS keeps a PCB for each process It has space to hold a ``frozen Process Control Block version of the process s state Init Zombie PC Program counter Stack Ptr Registers Ready Running Process

229 views • 8 slides
Processes Process Termination Context Switching Process Queues Process

Processes Process Termination Context Switching Process Queues Process

CSE 421/521 - Operating Systems Roadmap Fall 2013 Processes Basic Concepts Lecture - III Process Creation Processes Process Termination Context Switching Process Queues Process Scheduling Interprocess

454 views • 7 slides
Keeping Your Process at the Centre of Everything We Do 1 op optimAl pr process ss technology

Keeping Your Process at the Centre of Everything We Do 1 op optimAl pr process ss technology

Keeping Your Process at the Centre of Everything We Do 1 op optimAl pr process ss technology ltd ltd. Process Automation Specialists DRIVING PERFORMANCE Process Engineering Level 1 Process Services Control Systems Level 2 / 3

571 views • 20 slides
Unix Process Model What is a processes? Process Control in Unix Properties of a process

Unix Process Model What is a processes? Process Control in Unix Properties of a process

Unix Process Model What is a processes? Process Control in Unix Properties of a process Processes organization Interacting with a process Operating Systems Hebrew University Spring 2004 Resources What is a process

612 views • 5 slides
Special Lecture on Energy & Environment Process Process Process, Energy and System

Special Lecture on Energy & Environment Process Process Process, Energy and System

Special Lecture on Energy & Environment Process Process Process, Energy and System Integration Energy Environment Clean Process Technology (Ch. 28 in R. Smith) Classes of Waste (Process & Utility) Environmental Impacts from

547 views • 20 slides
Chapter 3: Processes: Outline Process Concept: views of a process Process

Chapter 3: Processes: Outline Process Concept: views of a process Process

Chapter 3: Processes: Outline Process Concept: views of a process Process Scheduling CSCI 6730/ 4730 Operations on Processes Operating Systems Cooperating Processes Inter Process Communication (IPC)

199 views • 5 slides
Chapter 2 Process View of the Organization Process View of a Hospital Process Performance

Chapter 2 Process View of the Organization Process View of a Hospital Process Performance

Chapter 2 Process View of the Organization Process View of a Hospital Process Performance Process Flow Structures 2 1 Definition of a Business Process A process is a set of activities that

494 views • 13 slides
Operating Systems Processes Lecture 3 Michael OBoyle 1 Overview Process Process

Operating Systems Processes Lecture 3 Michael OBoyle 1 Overview Process Process

Operating Systems Processes Lecture 3 Michael OBoyle 1 Overview Process Process control block Process state Context switch Process creation and termination 2 What is a process? The process is the OSs

517 views • 36 slides
Deadlock Example Process 1 Process 2 Resource 1 Resource 2 Example Process 1 Process 2

Deadlock Example Process 1 Process 2 Resource 1 Resource 2 Example Process 1 Process 2

Deadlock Example Process 1 Process 2 Resource 1 Resource 2 Example Process 1 Process 2 Process 3 Resource 1 Resource 2 Resource 3 Addressing Deadlock Prevention: Design the system so that deadlock is impossible Avoidance:

1.37k views • 71 slides
Load-Time Relocation Operating System Process 3 Process 6 Process 1 0 CS 140 Lecture

Load-Time Relocation Operating System Process 3 Process 6 Process 1 0 CS 140 Lecture

Load-Time Relocation Operating System Process 3 Process 6 Process 1 0 CS 140 Lecture Notes: Virtual Memory Slide 1 Base & Bounds Example 2000 1420 SP Process Virtual RETURN Address Space 140 66 62 CALL

351 views • 5 slides
Chapter 4: Threads Process Scheduling Process Creation and Termination Inter-process

Chapter 4: Threads Process Scheduling Process Creation and Termination Inter-process

Recap Process Concepts Chapter 4: Threads Process Scheduling Process Creation and Termination Inter-process Communication Communication in Client-Server Systems Presented By: Dr. El-Sayed M. El-Alfy Note: Most of the slides

459 views • 10 slides
VICTORY PROCESS Full Physical 3D Semiconductor Simulator VICTORY Process 3D Process Simulator

VICTORY PROCESS Full Physical 3D Semiconductor Simulator VICTORY Process 3D Process Simulator

VICTORY PROCESS Full Physical 3D Semiconductor Simulator VICTORY Process 3D Process Simulator VICTORY Process provides the capability to simulate comprehensive full process flows Etching, Deposition, Lithography Oxidation, Stress

953 views • 56 slides
Software Process Overview What is software process ? Examples of process models

Software Process Overview What is software process ? Examples of process models

1/18/17 Software Process Overview What is software process ? Examples of process models Unified Process (UP) Agile software development N. Meng, B. Ryder 2 1 1/18/17 Software Process

704 views • 22 slides
I3 I3 A CLOSED SED P PROCESS SS The whole process is one "Closed box", which

I3 I3 A CLOSED SED P PROCESS SS The whole process is one "Closed box", which

I3 I3 A CLOSED SED P PROCESS SS The whole process is one "Closed box", which dewater, dries and hygienizes the sludge via an efficient vacuum filter with added heat. CY CYCL CLE The process creates a cycle of nutrients and

337 views • 6 slides
Paging 11/10/16 Recall from Tuesday Our solution to fragmentation is to split up a processs

Paging 11/10/16 Recall from Tuesday Our solution to fragmentation is to split up a processs

Paging 11/10/16 Recall from Tuesday Our solution to fragmentation is to split up a processs address space into smaller chunks. Physical Memory OS Process 1 Process 3 OS: Process 3 Place Process 2 Process 3 Process 1 Process 3

799 views • 44 slides
Advanced Linux Usage 2017-10-24 Martin Dahl martin.dahlo@scilifelab.uu.se Valentin Georgiev

Advanced Linux Usage 2017-10-24 Martin Dahl martin.dahlo@scilifelab.uu.se Valentin Georgiev

Advanced Linux Usage 2017-10-24 Martin Dahl martin.dahlo@scilifelab.uu.se Valentin Georgiev valentin.georgiev@icm.uu.se Shell and Bash the Shell is a Command Line Interface (CLI) Bash is one particular shell tcsh, zsh are also shell

1.02k views • 64 slides
Real life experiences with the SharePoint Workflow #SPSUK Paolo Pialorsi Senior Consultant

Real life experiences with the SharePoint Workflow #SPSUK Paolo Pialorsi Senior Consultant

Real life experiences with the SharePoint Workflow #SPSUK Paolo Pialorsi Senior Consultant This session mainly targets PiaSys.com Developers and Workflow Designers @paolopia that use SPD2013 and VS2013 Thank You to Our Sponsors! About

900 views • 38 slides
Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer

Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer

Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer INRIA, Universit e de Lyon, France 26 May 2016 PIA/ PRA is relevant today PIA: a process whereby the potential impacts and implica- tions of

394 views • 20 slides
Identifying key questions in PIA The most important, and often the most difficult stage of a

Identifying key questions in PIA The most important, and often the most difficult stage of a

Identifying key questions in PIA The most important, and often the most difficult stage of a PIA is deciding which questions should be answered. Who defines the questions? If you ve already worked with communities to identify

152 views • 3 slides
Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna

Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna

Short Course Short Course Katsuya Amako (KEK) Makoto Asai (SLAC) Gabriele Cosmo (CERN) Susanna Guatelli (INFN Genova) Maria Grazia Pia ( INFN Genova) Dennis Wright (SLAC) IEEE NSS/MIC 2003 Portland, 19 October 2003

409 views • 5 slides
Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela

Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela

Nuclear PDFs at the LHC and beyond Carlos A. Salgado Universidade de Santiago de Compostela Nuclei at the FHC CERN - December - 2013 @CASSalgado @HotLHC Disclaimer Very little time to prepare this talk: Slides mostly taken from other

494 views • 45 slides
Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda

Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda

1 Briefing for analysts: Telecoms Partner, Competition Stuart McIntosh 21 st July 2010 Agenda Introduction Stuart McIntosh Wholesale local access / Wholesale broadband access Gareth Davies Net neutrality Alex Blowers

311 views • 30 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides

More recommend