Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August.

Slides:



Advertisements
Similar presentations
ONS Research Data Access Strategy AGENDA Background and context Confidentiality The Strategy.
Advertisements

London Public Health Transition Delivery Board
The Department of Energy Enterprise Risk Management Model
‘Working together to improve mental health’ The Lancashire Mental Health and Social Care Partnership Board Made up of representation from Local Authorities,
SEMINAR NAIC/ASSAL/SVS REGULATION & SUPERVISION OF MARKET CONDUCT © 2014 National Association of Insurance Commissioners Overview and Purpose of Market.
Getting data sharing right for every child
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Philip M. J. Graham Head of Information Communications Technology (ICT) 13 th July 2010.
Big Data and data protection
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
OAG Office of the Auditor-General Promoting Accountability in the Public Sector Using Audit to Oversee Public Procurement Edward Ouko Auditor-General Kenya.
Getting it right for e ery child  Children & Young People (Scotland) Act 2014 Briefing on GIRFEC Provisions Scottish.
The Value in Conducting a Privacy Impact Assessment
Transparency in Public Administration – FOI and EIR
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
How the Information Commissioner’s office operates as a regulator David Smith Deputy Information Commissioner.
Who we are and what we do An introduction to the Information Commissioner’s Office.
Data Sharing and Good Practice Maureen H Falconer Sr Policy Officer Information Commissioner’s Office.
The Heart of the Matter: supporting family contact for fostered children.
The Information Commissioner’s Office David Evans.
SROC Conference Data Sharing – The New Culture? Elaine Fletcher, Senior Associate, Eversheds LLP April 2008.
NHS England & Customer Contact Centre FOI Introduction 2013.
Partners in Compliance Local Authority Building Standards Scotland Bob Renton FRICS Consultant to LABSS Honorary President LABSS.
Care.Data an ICO Update EMIS National User Group Conference East Midlands Conference Centre Nottingham 3 rd October 2013 Lynne Shackley Lead Policy Officer.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
MGT 461 Lecture # 19 Project Initiation Phase (I OF II)
Information Sharing Sheila Logan Information Commissioner’s Office Employability Partnership Event Glasgow 13 August 2009.
Data Protection Act obligations and pseudonymisation Dawn Monaghan Group Manager Information Commissioners Office.
Privacy Impact Assessment Workshop Maureen H Falconer Sr Guidance & Promotions Manager Scotstat Public Sector Analysts Network 30 September 2010.
Privacy Impact Assessments Iain Bourne, Group Manager, Policy Delivery Information Commissioner’s Office, UK Workshop on data protection and the internet:
Local Government Reform: Incorporating Planning Functions Ken Macdonald Assistant Commissioner (Scotland & Northern Ireland) Information Commissioner’s.
Information Commissioner’s Office Sheila Logan Operations and Policy Manager Information Commissioner’s Office Business Matters 20 May 2008.
Subcommittee on Design New Strategies for Cost Estimating Research on Cost Estimating and Management NCHRP Project 8-49 Annual Meeting Orlando, Florida.
Information Sharing Workshop Maureen H Falconer Sr Guidance & Promotions Manager MIS Event Glasgow 13 August 2009.
Data Sharing – Back to Basics Ken Macdonald Assistant Commissioner Information Commissioner’s Office National Community Safety Convention 10 September.
European Data Protection reform: preparing for the future Richard Syers - Strategic Liaison, ICO 12 September 2014.
Information sharing: the view from the ICO Vicky Cetinkaya, Senior Policy Officer, ICO One Staffordshire Information Sharing Protocol launch event Stafford,
1. The role of Privacy Risk Framework and Risk-Based Approach in Delivering Effective Privacy Compliance Bojana Bellamy.
4 December 2012 The Public Sector Equality Duty: Changes and Challenges NICOLA NEWBEGIN Old Square Chambers.
Middle East Community of Practice Dubai, 19 th January 2009 Project Management, Programme Management, Portfolio Management Corporate Governance to Project.
Commissioning and the Third Sector Health Network Skyers-Poorman Research and Consulting.
1 The Privacy Impact Assessment Guidelines Guy Herriges Manager, Information and Privacy Office of the Corporate Chief Strategist, MBS November 2000.
Can you share? Yes you can!! Angus Council Adult Protection Maureen H Falconer, Senior Policy Officer Information Commissioner’s Office.
Information Security TechLink Seminar, 17 April 2013 James Knapton, Information Compliance Officer, Registrary’s Office.
Information Sharing & Corporate Governance Dave Parsons, Information Governance Manager, City of Cardiff Council.
Getting data sharing right for every child Maureen H Falconer Senior Policy Officer Information Commissioner’s Office.
Collaborative Working & Best Practice A Seminar by the Public Services Ombudsman for Wales.
Workshop Understanding your responsibilities under the Data Protection Act 1998 and the Freedom of Information Act 2000 Adele Rhodes Girling.
AssessPlanDo Review QuestionYesNo? Do I know what I want to evaluate and why? Consider drivers and audience Do I already know the answer to my evaluation.
“The right to know” Scottish Borders Council 27 March 2013 Rosemary Agnew Scottish Information Commissioner And Sarah Hutchison Head of Policy and Information.
VICTORIAN CHARTER OF HUMAN RIGHTS AND RESPONSIBILITIES.
Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.
Commissioning Services: with the DPA in mind South Yorkshire Information and Data Sharing Group Sheffield 14 th August 2014 Lynne Shackley Lead Policy.
Supporting staff to share appropriately Vikki Cochran May 2016 Empowering patients to share confidently.
Records management for the public sector 8 September 2016 Judith Jones - Group Manager Sue Markey - Senior Policy Officer Government and Society.
Data Protection Officer’s Overview of the GDPR
CCTV and Surveillance October 2016.
Improving the Garment Sector in Lao PDR:
The Possibilities are Endless?
Privacy Impact Assessments (PIAs)
GDPR Awareness and Training Workshop
Collaborative Working & Best Practice
Privacy: a work in progress
The Public Sector Equality Duty
The National Working Group
The Public Sector Equality Duty
Collaborative Working & Best Practice
The ICO: New Powers and Penalties
Presentation transcript:

Privacy by Design Maureen H Falconer Sr Guidance & Promotions Manager Building a Successful Information Sharing Partnership: Privacy by Design 13 August 2009

Information Commissioner’s Office Regulatory Authority –DPA, PECR; FoI; EIR Role of the Regional Offices –Cardiff, Belfast, Edinburgh –Enquiries –Stakeholder engagement –Input Scottish dimension to ICO

Privacy by Design?

Privacy by Design: Context Recognised gap in development and adoption of privacy-friendly systems; Lack of public trust and confidence; Report launch – Nov’ ’08; Ensure ‘privacy’ is always on the agenda; Privacy and data protection compliance designed into systems at the outset.

Privacy by Design: Defining Privacy Webster’s Dictionary: Privacy is: The quality or state of being hidden from, or undisturbed by, the observation or activities of other persons and freedom from undesirable intrusions.

Privacy by Design: Why do a PIA? To identify privacy risks to individuals; To identify privacy and DP compliance liabilities for your organisation; To protect your reputation. To instil public trust and confidence in your organisation; To avoid expensive, inadequate “bolt- on” solutions; To inform your communications strategy; Enlightened self-interest!

Privacy by Design: When to do a PIA? At the start, when: –the project is being designed; –you know what you want to do; –you know how you want to do it; and –you know who else is involved... …but certainly before: –decisions are set in stone; –you have procured systems; –you have signed contracts; and –while you can still change your mind!

Privacy by Design: How to do a PIA? Initial assessment Full-scale PIA Small-scale PIA Privacy law compliance check Data protection compliance check Review and redo!

Privacy by Design: Initial Assessment Prepare a project outline Identify stakeholders Look at other PIAs Look at studies on the technology and processes Decide the appropriate level of assessment

Privacy by Design: Full-scale PIA 5 Phases: –Preliminary work –Preparation –Consultation/analysis –Conclusions –Review

Privacy by Design: Small-scale PIA 5 Phases: (less formal) –Preliminary work (more specific) –Preparation (just as important!) –Consultation/analysis (less exhaustive) –Conclusions (part of a process) –Review

Privacy by Design: Compliance Privacy Law: –Vires –HRA; PECR; Law of Confidence –Statutory prohibitions Data Protection: –DP Principles –Schedule Conditions –Exemptions

Privacy by Design: Key Points The PIA is a process to consider privacy risk; It may not be appropriate in all cases; It can be incorporated into the organisation’s current risk strategy or it can be stand-alone; New and more manageable guidance!!

Hanover Street Edinburgh EH2 1DJ