
Presentation transcript:

Overview of Privacy Management Reference Model

1. Scope of Application
2. Use Case: Actors, Data Flows, Touch Points, Initial PI
3. PI - at Touch Points: In, Internal, Out
4. PI - Operational Privacy Policies: Inherited, Internal, Exported
5. Privacy Management Services at each Touch Point – Policies: Define policy requirements associated with each Service
6. Privacy Management Services at each Touch Point – Operational Functions: Define functions associated with each service
7. Risk Assessment and Iteration

Phase 1: Scope of Application
DEFINE SCOPE OF APPLICATION IMPACTING PERSONAL INFORMATION
Define the particular business system, process(es), product(s), environment, service(s), system(s), data, and application(s) which will impact the collection, communication, processing, storage or destruction of PI or PII

Phase 2: Use Case
Develop a Use Case that can be used to conduct a privacy impact assessment or Accountability Review and the subsequent application of the PMRM
Provide details of the business processes and data flows using a data lifecycle description model
Provide the level of detail needed to include all actors, touch points, processing and other data management actions, and policy points
Actors, Data Flows, Touch Points, Initial PI

Phase 3: PI - at Touch Points
Define PI collected, processed, communicated, stored and destroyed
Flows in, Internal, Flows out

Phase 4: PI - Operational Privacy Policies
Define policy requirements system-wide and, if necessary, associated with each touch point
Define FIP/Ps expressed as operational requirements linked to each PI element or sets of PI elements at each Touch Point

Phase 5: Services at each Touch Point – Policy
Select PMRM services necessary to support policy requirements
Core Policy, Assurance, Presentation and Lifecycle
Define the operational policy requirements associated with each service

Phase 6: Services at each Touch Point – Operational Functions
Define implementation mechanisms to support the policy requirements associated with each service
Conduct detailed operational risk assessment
Select controls needed to mitigate risks
Determine if changes are needed and modify controls, mechanisms, operational requirements and policies as necessary

Phase 7: Risk Assessment
Conduct detailed operational risk assessment
Select controls needed to mitigate risks
Determine if changes are needed and modify controls, mechanisms, operational requirements and policies as necessary