Mark E.S. Bernard Privacy Protection System
Published in: Business
Transcript

  • 1. *** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***
  • 2.
    • ISO/IEC 27001 Integration
    • PIA Overview
    • Optimal Timing
    • PIA Workflow
    • PIA Process
    • Privacy Protection Process
    • Breach Protocol
    • Q&A
  • 4. 7.1.2 Ownership of assets: All information and assets associated with information processing facilities shall be ‘owned’ 3) by a designated part of the organization.
    7.1.3 Acceptable use of assets: Rules for the acceptable use of information and assets associated with information processing facilities shall be identified, documented, and implemented.
  • 5. A.7.2.1 Classification guidelines: Information shall be classified in terms of its value, legal requirements, sensitivity and criticality to the organization.
    A.7.2.2 Information labelling and handling: An appropriate set of procedures for information labelling and handling shall be developed and implemented in accordance
  • 6. 10.7.1 Management of Removable Media: There shall be procedures in place for the management of removable media.
    10.7.2 Disposal of Media: Media shall be disposed of securely and safely when no longer required, using formal procedures.
    10.7.3 Information Handling Practices: Procedures for the handling and storage of information shall be established to protect this information from unauthorized disclosure or misuse.
    10.7.4 Security of System Documentation: System documentation shall be protected against unauthorized access.
  • 7. 12.1 Security Requirement for Information Systems
    12.1.1 Security Requirements Analysis & Specifications: Statements of business requirements for new information systems, or enhancements to existing information systems, shall specify the requirements for security controls.
    Explanatory Notes: The documented security requirements and controls shall include at a minimum:
    • classification of the data handled and/or generated by the system;
    • access requirements;
    • hardware and operating system to be used;
    • software packages, programming languages, software tools;
    • network elements communicating with the system;
    • protection requirements for sensitive information;
    • protection requirements for access;
    • protection requirements for hardware and operating systems;
    • protection requirements for network elements;
    • security resources and security funding requirements; and
    • required exceptions to security policy.
  • 8. 15.1 Compliance with Legal Requirements
    15.1.1 Identification of Applicable Legislation: All relevant statutory, regulatory and contractual requirements and the organization’s approach to meet these requirements shall be explicitly defined, documented, and kept up to date for each information system and the organization.
    15.1.2 Intellectual Property Rights (IPR): Appropriate procedures shall be implemented to ensure compliance with legislative, regulatory, and contractual requirements on the use of material in respect of which there may be intellectual property rights and on the use of proprietary software products.
    15.1.3 Protection of Organizational Records: Important records shall be protected from loss, destruction and falsification, in accordance with statutory, regulatory, contractual, and business requirements.
    15.1.4 Data Protection and Privacy of Personal Information: Data protection and privacy shall be ensured as required in relevant legislation, regulations, and, if applicable, contractual clauses.
  • 10. As defined by the American Institute of Certified Public Accountants (AICPA), Personally Identifiable Information is any information relating to an identified or identifiable individual, broken into the following two categories:
    • ‘Private Information’ (PI): the customer's name, address, telephone number, social security/insurance and other government identification numbers, employer, credit card numbers, personal or family financial information, personal or family medical information, employment history, history of purchases or other transactions, credit records and similar information.
    • ‘Sensitive Private Information’: medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual preferences.
  • 11.
    • customer data and records;
    • non-published customer information;
    • lists of actual and potential Organizational customers;
    • employee records of all kinds;
    • Human Resources information;
    • financial compensation information;
    • performance information, until made public;
    • intellectual property information;
    • operating financial results, until made public;
    • vendor proposals and potential contract information;
    • new development projects and research discoveries that, if released, could have a severe effect on Organizational’s competitive advantage;
    • pricing and cost information, before it is announced to the public and becomes classified as Public Domain;
    • outside plant records including: circuit routing, facility information, cable and pair assignment information, and test line numbers; and
    • Internal Audit and Organizational Security reports.
  • 12. The Privacy Impact Assessment is a risk management tool that achieves the following goals:
    • Identifies actual or potential impacts that an information system, technology or program may have on privacy
    • Transforms qualitative data into quantitative facts for decision makers
    • Identifies and addresses the manner in which the actual or potential risks to privacy can be mitigated
    • Ensures that the collection, use, disclosure, retention, or disposal of information complies with data protection legislation
  • 13.
    • Major changes to existing programs
    • New programs
    • New delivery structures and partnerships
    • Changes in technology
    • Additional systems linkages
    • Enhanced accessibility
    • Service monitoring
    • Delivery channel management
    • Data warehousing
    • Re-engineering business processes
  • 14.
    • Marketing: Organization-specific policy experience, broad strategic policy and planning skills and customer impact analysis skills
    • Operational: Knowledge of the operational flow of the organization, to advise on the feasibility, practicality, efficiency of the program and alternatives
    • Systems Engineering: Including design, attributes and operations of mainframe and legacy systems, networking products, new Internet tools, system security and front-end customer interface systems
    • Security Officer: Comprehensive financial and due diligence audit experience; if available, specialties related to audits of computer system vulnerabilities
    • Legal: Statutory, regulatory and contractual expertise
    • Privacy Expertise: National and international privacy standards, privacy enhancing technologies, and current privacy developments
  • 15.
    • United States Safe Harbor Privacy Principles, issued by the U.S. Department of Commerce on July 21, 2000
    • July 14, 2000 - Safe Harbor Enforcement Overview, Federal and State “Unfair and Deceptive Practices” Authority and Privacy
    • United Kingdom Data Protection Act 1998
    • Organization for Economic Co-operation and Development (OECD) Privacy Guidelines
    • European Union Directive 95/46/EC
    • United Nations Guidelines for the Regulation of Computerized Personal Data Files, adopted by the UN General Assembly 14 December 1990
    • International Chamber of Commerce Model Clauses for Use in Contracts involving Transborder Data Flows, 23 Sept. 1998
    • Australia Privacy Act 1988
    • Hong Kong Data Protection Principles
    • Japan Handbook Concerning Protection of Personal Data
    • ECOM Guidelines Concerning the Protection of Personal Data in Electronic Commerce in the Private Sector (version 1.0)
    • Canada - Personal Information Protection and Electronic Documents, 48-49 Elizabeth II, Chapter 5, assented to 13th April, 2000
    • Germany Federal Data Protection Act
  • 16.
    • Identifying the purpose of the personal information associated with the business process
    • Documenting the collection, use, disclosure and destruction of personal information
    • Providing management with a tool to make informed policy, operations and system design decisions, based on an understanding of privacy risk and of the options available for mitigating that risk
    • Ensuring that accountability for privacy issues has been clearly incorporated in the project
    • Creating a consistent format and structured process for analyzing both technical and legal compliance with relevant statutory and regulatory obligations
    • Reducing revisions and retrofitting of information systems to meet data protection statutory, regulatory and contractual obligations for compliance
  • 17.
    • Step 1 – Organizational Responsibility for Personal Information
    • Step 2 – Identifying the Purpose for Personal Information
    • Step 3 – Limiting Data Collection to Business Objectives
    • Step 4 – Required Consent
    • Step 5 – Limitations on the Retention of Personal Information
    • Step 6 – Accuracy of Data
    • Step 7 – Data Security
    • Step 8 – Training and Communication
  • 20. Please note that there are three roles engaged in the process workflow described within this practice. The Organizational Information Security Office facilitates the development and finalization of the PIA. The Sponsor signs off on its acceptance, and the Project Manager and Project Team provide the technical details and coordination until successful completion.
  • 27. 1.1. Division/Department and Program Area.
    Division: ________
    Department: ________
    Program: ________
    1.2. Contact Position and/or Name, Telephone Number and E-Mail Address. (This should be the name of the individual most qualified to respond to questions regarding the PIA.)
    Name: ________
    Title: ________
    Department: ________
    Phone: ________
    Number: ________
    E-Mail: ________
    1.3. Description of the Program/System/Legislation (Initiative) being assessed. (Please note if the initiative does not collect, use or disclose personal information.) If this is a change to existing legislation, system or program, describe the current system or program and the proposed changes.
    ________
  • 28. 1.4. Purpose/Objectives of the initiative (if statutory, provide citation).
    ________
    1.5. What are the potential impacts of this proposal? (Include privacy impacts in this description.)
    ________
    1.6. Provide details of any previous PIA or other form of personal information assessment done on this initiative (in whole or in part).
    ________
  • 29. 2.1. Describe the field-level elements of personal information that will be collected, used and/or disclosed and the nature and sensitivity of the personal information. For example: name, home address, gender, age/birth date, SIN, employee #, race/national/ethnic origin.
    ________
    2.2. Provide a description, including a narrative and flow chart, of the linkages and flows of personal information collected, used and/or disclosed.
    ________
  • 30.
    1. Has responsibility for Organizational privacy oversight been assigned to a specific individual? Y/N
    2. Are the roles, responsibility and reporting structure of that person documented? Y/N
    3. Have performance requirements been specified in a measurable way, and subject to management reviews? Y/N
    4. Are independent third-party audits facilitated to review privacy practices? Y/N
    5. Has Organizational retained the legal right to collect, use, disclose, archive and dispose of personally identifiable information under its custody? Y/N
    6. Has Organizational retained the legal right to audit and enforce data protection principles with Trimble Divisions and external service providers? Y/N
  • 31.
    1. Is the business purpose for the collection, use, retention and disclosure documented? Y/N
    2. Has the purpose for collection been mapped to the business purpose? Y/N
    3. Has the purpose for collection been mapped to a specific statute or regulation? Y/N
    4. Is the purpose for collection based on an exception due to debt collection, investigations or media? Y/N
    5. Have Organizational customers been formally notified of the purpose for the collection? Y/N
  • 32.
    1. Can the requirements for information collection be limited or reduced? Y/N
    2. Is personally identifiable information collected directly from the individual? Y/N
    3. Is personally identifiable information collected indirectly through other programs? Y/N
    4. Is personally identifiable information collected indirectly through external parties? Y/N
    5. Will the customers' online activity be monitored and related information collected? Y/N
    6. Is the information collected for planning, forecasting, or evaluation purposes? Y/N
    7. Can the information collected be made anonymous and still meet the business purpose? Y/N
  • 33.
    1. Was the consent clearly linked to the purpose for collection and usage? Y/N
    2. Did the consent clearly and unambiguously specify that personally identifiable information can be collected, used and disclosed? Y/N
    3. Did the individual implicitly consent to the collection of their personally identifiable information? Y/N
    4. Was the consent to collect personally identifiable information implied? Y/N
    5. Was consent gathered based on the individual’s option to ‘opt-in’? Y/N
    6. Was consent gathered based on the individual’s option to ‘opt-out’? Y/N
    7. Was personally identifiable information collected indirectly from external third parties? Y/N
    8. Does consent allow for secondary uses like service improvements? Y/N
    9. Have procedures been created to obtain further consent for usage not previously identified? Y/N
  • 34.
    1. Are there specific statutory or regulatory obligations for retaining personally identifiable information? Y/N
    2. Has the reconciliation of cross-jurisdictional retention obligations been completed? Y/N
    3. Have practices and/or standards been documented with respect to the retention of personal information? Y/N
    4. Do these standards include a minimum and maximum retention period? Y/N
    5. Is there a method to log and report on the duration for which personal information has been retained? Y/N
    6. Are there documented practices and standards outlining the appropriate methods of destruction, erasure or anonymizing of personal information? Y/N
    7. Are disposal/destruction records maintained for personal information? Y/N
  • 35.
    1. Are updates to Customer records recorded, including date, time stamp and user account? Y/N
    2. Have procedures been documented and communicated to Customers regarding access and maintenance of inaccurate records? Y/N
    3. Are records kept regarding requests for access to records? Y/N
    4. Can Customers access their personal information without disrupting regular operations? Y/N
    5. Has field-level validation been implemented for interactive updates to records? Y/N
    6. Has exception reporting been implemented for batch file processing? Y/N
    7. Are errors in information processing monitored and investigated? Y/N
    8. Are external parties notified of corrections? Y/N
  • 36.
    1. Has a Risk Assessment been facilitated for the information asset? Y/N
    2. Are regular user account access and privileged access rights authorized and recorded? Y/N
    3. Have the roles and responsibilities for asset owners and custodians been documented and communicated? Y/N
    4. Has an information handling practice and standard been documented for the collection, transmission, storage and disposal of personal information? Y/N
    5. Has a breach protocol been documented and communicated to all stakeholders? Y/N
    6. Have Organizational employees been trained on the requirements for protecting personal information? Y/N
    7. Has a process been documented for granting users access to the maintenance application to add, change or delete personal information? Y/N
    8. Does the business system include audit logging of access to personal information, including date and time stamping and user account? Y/N
  • 37.
    1. Has training and awareness been developed for Organizational employees? Y/N
    2. Does the training include an overview of statutory, regulatory and contractual obligations for data protection? Y/N
    3. Does training include an overview of Organizational policies, practices and standards relating to the handling of personal information? Y/N
    4. Does training include instructions concerning the reporting of suspected breaches in security? Y/N
    5. Does training include instructions regarding the “whistleblower” policy? Y/N
    6. Are there documented plans for training on “how to” facilitate a privacy impact assessment? Y/N
    7. Are new hires required to attend information handling training and awareness before access to personal information is granted? Y/N
    8. Have all Organizational employees accessing personal information attended training and awareness? Y/N
    9. Has an annual training and awareness program and schedule been created and communicated? Y/N
    10. Are records of Organizational employee and contractor attendance, including post-session evaluations and sign-in sheets, maintained? Y/N
  • 39.
    • Classification labeling
    • Access restriction
    • Classified information authorization list
    • Information input/output validation
    • Protection of spooled/printed information
    • Storage complies with manufacturer's specifications
    • Keep distribution to a minimum
    • Clear marking of recipient/sender
    • Review distribution list
  • 40.
    • Granting Access Rights
    • Network Access Control
    • Storage on Servers
    • Storage on Removable Media
    • Physical Removal
    • Duplicating/Copying
    • Faxing
    • Transmission over Internet
    • Transmission over FTP
    • Transmission over email
    • Transmission over wireless
    • Disposal/Destruction
    • Third-party / External-party Disclosure
    • US Personnel Disclosure
    • Electronic Media Labeling
    • Hardcopy Labeling Required
    • Physical Mail Handling
    • Tracking Process by Log
    • Human Resources
    • Remote Access
    • Desktop
    • Laptop
  • 50. “Data breach” means an incident involving loss of, unauthorized access to, or disclosure of, personal information as a result of a breach of an organization’s security safeguards pursuant to Principle 7 of Schedule 1 of the PIPED Act.
  • 51.
    • In the event of a data breach, where it is reasonable to consider in the circumstances that there exists a substantial risk of significant harm to affected individuals, the organization will notify affected individuals as a matter of course, and other organizations as required, as soon as is reasonably possible after detection, confirmation and assessment of the scope and extent of the breach.
    • Notification to affected individuals will be provided in a clear and conspicuous manner using a direct means of communication, and will include information that is sufficient for the individual to understand the significance of the breach, and to take steps to mitigate harm resulting from it.
  • 52.
    • Factors that are relevant to the determination of substantial risk include (i) the sensitivity of the information involved in the data breach and (ii) the probability that the information could be misused, or that harm to the affected individuals might result.
    • Factors that are relevant to the determination of which other organizations should be notified are (i) whether an organization has a role in the mitigation or prevention of harm to the affected individuals; or (ii) whether an organization could reasonably be expected to suffer direct harm as a result of the data breach.
  • 53.
    • The organization will also report to the Privacy Commissioner any material data breach, as soon as is reasonably possible following detection, confirmation, and an assessment of scope and extent of the breach.
    • Factors relevant to the determination of a material data breach include (i) the sensitivity of the information involved in the breach, (ii) the number of individuals affected, and (iii) whether it constitutes a pattern, or provides evidence of a systemic root cause, outside of commercially acceptable operating standards.
  • 54.
    • The organization having control of the information will be responsible for determining the need for notification to affected individuals and organizations and for reporting to the Privacy Commissioner.
  • 55. For more information contact: Skype: Mark_E_S_Bernard; Twitter: @MESB_TechSecure; LinkedIn: http://ca.linkedin.com/in/markesbernard