Results of the Task Team Privacy

Slides:

Advertisements

Similar presentations

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

Advertisements

Core principles in the ASX CGC document. Which one do you think is the most important and least important? Presented by Casey Chan Ethics Governance &

Agenda COBIT 5 Product Family Information Security COBIT 5 content

The quality framework of European statistics by the ESCB Quality Conference Vienna, 3 June 2014 Aurel Schubert 1) European Central Bank 1) This presentation.

© CSR Asia 2010 ISO Richard Welford CSR Asia

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

BIG DATA AND THE HEALTHCARE REVOLUTION FORD+SSPG 2014.

Products and Sources: Issues and Challenges Steven Vale on behalf of the Modernisation Committee on Products and Sources.

ISO Richard Welford CSR Asia © CSR Asia 2011.

Information Security Update CTC 18 March 2015 Julianne Tolson.

Principles of good practice Jana Kunická Community Philanthropy Initiative Coordinator European Foundation Centre.

Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.

Dissemination to support Research & Analysis John Cornish.

Big Data Quality, Partnerships and Privacy Teams.

The Regional Initiatives: Progress and Prospects Conference Brussels, 28 March 2007 Mr Walter Boltz ERGEG Gas Focus Group Chair Status Report of the Gas.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

ADMINISTRATION & MANAGEMENT TOOLS BY: DURGESH PATEL & KHUSHBOO KADBER

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

Max Booleman, Statistics Netherlands Antonio Baigorri, Eurostat The 10 commandments of process and product quality in official statistics.

Name Position Organisation Date. What is data integration? Dataset A Dataset B Integrated dataset Education data + EMPLOYMENT data = understanding education.

Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.

United Nations Economic Commission for Europe Statistical Division High-Level Group Achievements and Plans Steven Vale UNECE

Chapter 11: Policies and Procedures Security+ Guide to Network Security Fundamentals Second Edition.

Implementation of the European Statistics Code of Practice Yalta September 2009 Pieter Everaers, Eurostat.

Prepared by Andrew Robinson, Assistant Statistician Presented by Melinda Williams, Director, at 8 th Regional Statistical Research Seminar October 30,

FORUM GUIDE TO SUPPORTING DATA ACCESS FOR RESEARCHERS A STATE EDUCATION AGENCY PERSPECTIVE Kathy Gosa, Kansas State Department of Education.

Slide 1 Federation des Experts Comptables Méditerranéens 4 th FCM Conference Capri, 3-4 May 2004 The Globalisation of Small and Medium-sized Enterprises.

Modern Project Management

HETUS Pilot Group 8 Privacy procedures and ethical issues Kimberly Fisher, Centre for Time Use Research – co-ordinator External consultant Kai Ludwigs.

HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.

UN GGIM LAUNCHES A GROUP OF EXPERTS ON LAND ADMINISTRATION AND MANAGEMENT Kees de Zeeuw, The Netherlands – Chair UN-GE-LAM Mahashe Chaka- Lesotho – Co-Chair.

Governance, Risk and Ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.

Meeting global responsibilities by caring for communities.

Principles Identified - UK DfT -

Information ITIL Technology Infrastructure Library ITIL.

Theme (iv): Standards and international collaboration

Mirjana Boshnjak Skopje, 20 to 22 September 2017

An Overview on Risk Management

Current IAASB Developments

Crisis management related research at

Development of Strategies for Census Data Dissemination

Recap of the First Day of

Viewing the GDPR Through a De-Identification Lens

Modernization Committee on Products and Sources: Achievements and Follow-up 4th High -Level Group Workshop on the modernization of Production and.

International Energy Agency

The International Plant Protection Convention

Published: Aug 2017 Single User PDF: US$ 2500 No. of Pages: 499

BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT

Security Engineering.

Dissemination Workshop for African countries on the Implementation of International Recommendations for Distributive Trade Statistics May 2008,

Seminar on Statistical Data Collection Geneva, 25 – 27 September 2013

Understanding Security Layers

Ethical questions on the use of big data in official statistics

Revision of the Internal Control Framework in the European Commission PEMPAL Internal Audit Community of Practice (IACOP) Brussels, 27th February 2017.

Disseminating Statistics to the Research Community

SOFTWARE PROJECT MANAGEMENT

Idendification of and Consultation with Census Data Users

Scanning the environment: The global perspective on the integration of non-traditional data sources, administrative data and geospatial information Sub-regional.

Project Start-up This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No

BETTER AND PROPER ACCESS TO PACIFIC MICRODATA

Exchange and Sharing of Economic Data

Drew Hunt Network Security Analyst Valley Medical Center

Project Start-up This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No

FLOODsite Integrated Project

WORKING PARTY ON NATIONAL ACCOUNTS 12 – 15 October 2004

Ethical Implications of using Big Data for Official Statistics

Privacy and personal data protection

Draft revision of ISPM 6: National surveillance systems ( )

Jerome Reiter Department of Statistical Science Duke University

Presentation transcript:

Results of the Task Team Privacy Peter Struijs Statistics Netherlands

Members of the Task Team Shane Weir, chair, and James Chipperfield, Australia Pascal Jacques, Eurostat Jörg Drechsler, Germany Josep Domingo-Ferrer, Italy Peter Struijs, Netherlands Anna Nowicka, Poland Vicenc Torra, Spain Luis Gonzalez and Shaswat Sapkota, UNSD Monika Jingchen Hu, USA

The tasks To give an overview of existing tools for risk management in view of privacy issues To describe how risk of identification relates to Big Data characteristics To draft recommendations for NSOs on the management of privacy risks related to Big Data

Existing tools for privacy risk management Disclosure risk for estimates versus micro-data access Risk of attempt at disclosure versus risk of success of attempt Micro-data access: strategies for micro-data dissemination, onsite analysis and remote access Databases: distinguish between owner privacy, respondent privacy and user privacy Managing privacy: trade-off between disclosure risk and utility

Big Data characteristics and privacy risk Big Data characteristics: volume, velocity, variety, veracity Also relevant to privacy: availability, aggregation, society awareness, flexibility, provider infrastructure, geographical differences Task Team looked at: GPS location data, tool assessment in light of characteristics, onsite analysis versus remote access, feasibility of re-identification experiments

Recommendations on information integration and governance Monitor database activity Apply best practices for security of IT systems and business practices: separation of duties separation of concerns (modular approach to functionality) principle of least privilege (no more access rights than needed) defence in depth (multiple security mechanisms/layers) Apply best practices of security of transportation Apply data encryption

Recommendations on statistical disclosure limitation/control Preserve confidentiality by restricting data access and data release Ensure access to useful data Balance data utility and disclosure risk. Use not only traditional approaches, but also modern techniques such as data records simulation using statistical models

Recommendations on managing risk to reputation Enforce ethical principles in the supply chain, including accountability and informed consent Establish strong compliance control Monitor threats to reputation Be transparent towards stakeholders, and organise a dialogue with the public Create a crisis communication plan

Conclusions Existing tools are well-developed Privacy risk can be linked to Big Data characteristics Recommendations have been formulated on: information integration and governance statistical disclosure limitation/control managing risk to reputation But: not much experience yet with Big Data privacy issues