Chapter 1: Privacy in the modern era Flashcards
Privacy definition
An individual's right to protect themselves and their information from unwanted intrusions by others and by the government.
Colloquial definition of privacy by Louis Brandeis
“Right to be let alone.”
GAPP definition of privacy
Rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and destruction of personal information
Personal information definition (GAPP)
Information that is or can be about or related to an identifiable person
SPI
Sensitive Personal Information
GDPR Special Categories of PI (8)
Racial or ethnic origin
Political opinions
Religious or philosophical beliefs
Trade union membership
Genetic data
Biometric data used to identify a person
Health data
Sex life or sexual orientation data
Anonymization
Process of making it impossible to identify an individual to whom the information relates
HHS Deidentification Standard
A process to make information unidentifiable using either of two techniques
HHS Deidentification: Expert determination
Requires a statistician who analyzes the dataset and determines whether individuals can be re-identified when the data is combined with public information
HHS Deidentification: Safe Harbor
Removal of 18 types of information to eliminate direct and indirect links to an individual
Aggregation
Summarizing info in a way that makes it impossible to identify an individual
Privacy management
Defining, documenting, communicating, and assigning accountability for privacy policies and procedures.
Examples of privacy management
Policies
Assigning responsibility
Procedures for reviewing/editing policies
Performing annual risk assessments
Ensuring contractual terms align with privacy policies
Assessing privacy risks with technology
Privacy Incident Management Process
Training and awareness
Establishing qualifications for employees with privacy responsibilities
Notice
Providing notice about privacy policies and procedures, and identifying purpose for which PI is collected, used, retained, and disclosed
Notice tasks
Include notice practices in privacy policies
Notice about how collection aligns with other privacy principles
Providing timely, accurate, and updated notice (including when purpose/use change)
Writing notices in plain language and posting conspicuously
Choice and Consent
Describing choices available and obtaining implicit or explicit consent for the collection, use, and disclosure of PI
Collection
The way organizations obtain personal information.
Only collect for the purposes in a notice.
Use, retention, and disposal
Limit use of PI to purposes in the notice and for which consent was provided.
Retain only as long as necessary
Dispose information
Access
Providing individuals access to their PI for review and update
Disclosure to third parties
Entity discloses PI to third parties only for the purposes identified in the notice and with implicit or explicit consent
Security for privacy
Protect PI against unauthorized access
Quality
Maintain accurate, complete, and relevant PI for the purposes identified in the notice
Monitoring and enforcement
Monitor compliance with privacy policies and procedures, and address privacy-related inquiries, complaints, and disputes.
Three things a privacy program needs
Purpose
Strategy
Goals
3 primary data roles
Subject
Controller
Processor
Data Subject
Person about whom PI is collected
Data controllers
Determine the purpose and means of collecting PI from data subjects
Data Processors
Collect and process PI on behalf of controllers
Inventory
Contains information about sensitive PI held by the organization
ISO 27701
Extension to ISO 27001 for privacy information management
Privacy assessment results in…
A gap analysis
Examples of program monitoring
Audits
Periodic reviews
Assessment updates
Dashboards with key metrics
What are these examples of?
Privacy policies
Encryption
Purging data not meeting purpose limitation
Access controls
Process to maintain privacy preferences
Process to deal with incidents and complaints
Periodic program testing and assessment
Privacy controls
Active data collection
User submits data
Passive data collection
Org collects data automatically
Privacy notice
Conveys details of the privacy policy to end users
Layered privacy notice
Privacy notice in plain language, with the full legal text available
Who is responsible for protecting non-electronic records? (Privacy or Security)
Privacy
Privacy by Design
Incorporate privacy into design and implementation of technology
Proactive, not reactive. Preventative, not remedial.
Systems should be designed to prevent privacy risks
Privacy as the default setting
Protect users even if they do not act in any way
Privacy embedded into Design
Privacy is a core requirement
Full functionality - Positive sum, not zero-sum
Seek win-win situations where privacy objectives are achieved alongside other objectives.
End-to-end security - Full lifecycle protection
Security practices persist through entire information lifecycle
Visibility and transparency - Keep it open
System should be open for inspection
Respect for user privacy - Keep it user centric
Focus on the individual, empowering data subjects with user-friendly privacy practices