Privacy Management Tool V3

522 views

Published on

There are several features & functions that PMT brings to an organisation. From the point of implementation, there are several achievements that are realisable within its first quarter of operation. One of the first challenges an organisation faces is the creation and dissemination of Privacy Policy and procedures to all its business units and key points of contact. PMT can enable the effective creation and dissemination of the Privacy policies and procedures in 4 weeks through its organisation chart. This forms the foundation of the PMT and the basis upon which the privacy regime is built.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
522
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Privacy Management Tool V3

  1. 1. Privacy Management tool Privacy Management Tool PMT www.dataprotectionofficer.com | Info@dataprotectionofficer.com www.dataprotectionofficer.com info@dataprotectionofficer.com
  2. 2. Privacy Management tool Contents Overview ................................................................................................................................................. 3 What does the tool do? .......................................................................................................................... 4 Privacy Policy Management module....................................................................................................... 7 SAR and FOI Dashboard .......................................................................................................................... 7 Information Asset Register ..................................................................................................................... 8 Incident register ...................................................................................................................................... 8 Risk Register ............................................................................................................................................ 9 Audit calendar ....................................................................................................................................... 10 Contact details ...................................................................................................................................... 10 www.dataprotectionofficer.com info@dataprotectionofficer.com
  3. 3. Privacy Management tool Overview There are several features & functions that PMT brings to an organisation. From the point of implementation, there are several achievements that are realisable within its first quarter of operation. One of the first challenges an organisation faces is the creation and dissemination of Privacy Policy and procedures to all its business units and key points of contact. PMT can enable the effective creation and dissemination of the Privacy policies and procedures in 4 weeks through its organisation chart. This forms the foundation of the PMT and the basis upon which the privacy regime is built. A quick overview of the Privacy Management tool (PMT) is as follows: www.dataprotectionofficer.com info@dataprotectionofficer.com
  4. 4. Privacy Management tool What does the tool do? Privacy Requirement PMT PMT function capable Implementing corporate  Policy management – cross organisational view, policies and procedures Policies and disseminated across the enterprise. Group Policies are mapped to Local policies and to Procedures. Develop Corporate Privacy  Policies &Procedures ““ Provide strategic guidance  to corporate officers regarding information ““ resources and technology. Provide leadership in the  planning, design and evaluation of privacy and ““ security related projects Corporation’s Notice of  Information practices ““ Conducting educational  Organisation chart – represents every Business unit programs for business including your 3rd parties and partners. units and clients Auditing and administering  Audit – the module allows External and Internal privacy program reviews Auditors to conduct audits against business units or enterprise. All Audit non compliances are reported against a Policies or Information Assets. Leadership for privacy  Management team & Project engagement - The program for Assets and management team is setup to oversee the entire projects enterprise, a central management team will have visibility of Information Assets and risks. The project engagement module aligns with your organisations Project management cycle to ensure that each project is risk assessed and the assessment includes a Privacy impact assessment. Monitor systems  development and ““ operations for security and privacy compliance Counsel relating to  Partner register & ISA – Policy is disseminated to all business partner Contracts 3rd parties and partners, Information Sharing Agreements (ISA) with the 3rd parties and partners are also included in the Privacy framework. Handling (acquisition and  Information Asset Register (IAR) – The IAR is management) of completed by each business unit and it includes its risk Information Assets; assessment of each Information Asset. It also includes an ISA as well as the partner that the Information Asset www.dataprotectionofficer.com info@dataprotectionofficer.com
  5. 5. Privacy Management tool is disclosed to. Each business unit will be able to keep their records up to date whilst the management team are given visibility. All incidents and Audit non compliances recorded against each Asset is also displayed on the dashboard. Use and disclosure of  Information Assets ““  Access/Inspection/Copying ““ of information Assets Amendment/correction of  Information Assets ““ Accounting of Disclosure  ““ Record-keeping  Procedures ““ Administrative Procedures  Subject Access Request dashboard – Admin checks, validity checks are carried out and monitored. All requests are logged, tracked and monitored for responses. It also caters for Attorneys acting on behalf of subjects Individual requesting  access who is the subject ““ of the protected Information Asset Power-of-attorney/legal  authority ““ Disclosure required by  other laws and ““ enforcement in day to day practices Financial institution non-  routine transaction ““ requests Judicial and administrative  proceedings ““ Research-related requests  ““ Mitigate effects of a use or  disclosure of Information Asset by members of the entity’s workforce or ““ business partners. Resolve allegations of non-  compliance with the corporate privacy policies or notice of information ““ Practices Government data systems  IAR – each Information Asset is classified in for specific classes of accordance with the CESG classification guidelines. information Each asset is also given a risk rating. www.dataprotectionofficer.com info@dataprotectionofficer.com
  6. 6. Privacy Management tool Report on a periodic basis  Report module – creates a report on all the various regarding the status of the aspects of the Privacy monitoring tool. privacy program to the Board, CEO or other bodies responsible Individual Assist the Information  Information Security – the information Security Security Officers with the Department is included into the architecture and their is development and a link into the PMT in the form of Compliance, implementation of an Information Security Incident Management, Risk information Governance Register, infrastructure Develop appropriate  Incident & Risk Register & Audit non compliances – sanctions for failure to all act as sources of issues, risks and problems within comply with the corporate the Privacy regime. The management team will be able privacy policies and to intercept the activities in the form of access to procedures registers and capability to intervene and resolve them. Development and  application of corrective ““ action procedures: www.dataprotectionofficer.com info@dataprotectionofficer.com
  7. 7. Privacy Management tool Privacy Policy Management module SAR and FOI Dashboard www.dataprotectionofficer.com info@dataprotectionofficer.com
  8. 8. Privacy Management tool Information Asset Register Incident register www.dataprotectionofficer.com info@dataprotectionofficer.com
  9. 9. Privacy Management tool Risk Register www.dataprotectionofficer.com info@dataprotectionofficer.com
  10. 10. Privacy Management tool Audit calendar Contact details Ben Oguntala Ben.oguntala@dataprotectionofficer.com www.dataprotectionofficer.com 07812039867 www.dataprotectionofficer.com info@dataprotectionofficer.com

×