SMART GRID: Privacy Awareness and Training – for PUCs/PSCs A Starting Point December 2011 SGIP-CSWG Privacy Group 1 DRAFT.

Slides:

Advertisements

Similar presentations

1 NAESB Data Privacy Task Force February 16, 2011.

Advertisements

Impact of Smart Grid, ICT on Environment and Climate Change David Su Advanced Network Technologies National Institute of Standards and Technology ITU Symposium.

UCAIug HAN SRS v2.0 Summary August 12, Scope of HAN SRS in the NIST conceptual model.

AMI Home Area Network Update SAG Meeting March 18, 2014.

1 Auditing in the Public Interest Records Management in the Victorian Public Sector Audit objective Audit had two objectives : The first objective was.

Cyber Security Working Group March 17, Smart Grid Cyber Security Strategy Establishment of a Cyber Security Coordination Task Group (CSCTG) Established.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

September 5, 2013 Southern Region Break-Out NAAA Annual Convention.

Developing a Records & Information Retention & Disposition Program:

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

SMART GRID: Privacy Awareness and Training – A Starting Point for Utilities October 2011 SGIP-CSWG Privacy Group 1.

Social Media and Recordkeeping Allegra Huxtable Manager Government Recordkeeping Tasmanian Archive and Heritage Office.

Managing Privacy in the Smart Grid Jennifer M. Urban Assistant Clinical Professor of Law Director, Samuelson Law, Technology & Public Policy Clinic UC.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

MAKING ALL MEDIA ACCESSIBLE TO ALL 20 YEARS OF MAKING MEDIA ACCESSIBLE ACCESSIBLE MEDIA INC. (AMI) NOT-FOR-PROFIT ORGANIZATION MANDATED.

Smart Grid Standards Bill Moroney President & Chief Executive Utilities Telecom Council.

Dorothy Macnaughton Accessibility and Diversity Training.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

LAW SEMINARS INTERNATIONAL New Developments in Internet Marketing & Selling November 13 & 14, 2006 San Francisco, California Moderator : Maureen A. Young.

The Advertising Plan C38. Objectives  List advantages and disadvantages of newspapers, magazines, direct mail, television, and radio.  Explain the four.

Eric J. Pritchard One Liberty Place, 46 th Floor 1650 Market Street Philadelphia, Pennsylvania (215)

Implementing Security Education, Training, and Awareness Programs

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

SMART GRID: Privacy Awareness and Training – Information for Consumers A Starting Point April 2012 SGIP-CSWG Privacy Group 1 DRAFT v8.

1 Availability of Aggregated Customer Usage Information: An Overview of D California Public Utilities Commission Presentation before the California.

Developing a Social Media Process for your Business Alyn Stafford 1 Monitor and Listen Explore and listen to what others.

1 © 2007 Electric Power Research Institute, Inc. All rights reserved. Managing Complexity: The IntelliGrid Environments External Corporations Corporate.

Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.

FERC’s Role in Demand Response David Kathan ABA Teleconference December 14, 2005.

Information Governance Policies. Business Support and Corporate Information Resources Team… Working to create a knowledge led organisation Information.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All SMART GRID ICT: SECURITY, INTEROPERABILITY & NEXT STEPS John O’Neill, Senior Project Manager CSA.

INCIDENT RESPONSE IMPLEMENTATION David Basham University of Advancing Technology Professor: Robert Chubbuck NTS435.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

1 SMT Format Short Story April 24, 2012 ‘Access, Control & Convenience’

Smart Grid Interoperability Panel & ISO / RTO Council Smart Grid Projects David Forfia SGIP Governing Board Member – Stakeholder Category 21 ISO/RTO Sponsor.

FIRMA April 2010 SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.

April 8, 2011Page 1 April 8, 2011 The University of Texas Interdisciplinary Energy Conference Overcoming Barriers to Smart Grid & New Energy Services Panel.

1 SGIP PAP 11 PEV V2G DEWG Dec 2-3, 2010 Grid InterOp 2010 Eric Simmon, NIST Jerry Melcher, EnerNex SGIP PAP 11 PEV V2G DEWG Grid InterOp 2010 Meeting.

Interoperability Standards and Next Generation Interconnectivity Pankaj Batra Chief (Engineering) CERC.

The Internet of Things and Consumer Protection

© 2010 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.

Balancing Privacy, Security, and Access Presented by Chris Villarreal Minnesota Public Utilities Commission October 16, 2015.

Collection and Development Joel McGuire. Collection Development Overview Challenging Challenging Unique to each library setting Unique to each library.

Privacy of Customer Energy Usage Data: Protecting Consumers and Giving Them the Tools with which to Protect Themselves Aryeh B. Fishman Director, Regulatory.

OpenHAN SRS v1.95 Overview June 8, OpenHAN SRS v Introduction  OpenHAN area of focus within the NIST conceptual model.

API Task Force Josh Mandel, Co-Chair Meg Marshall, Co-Chair December 4, 2015.

Dino Tsibouris & Mehmet Munur Privacy and Information Security Laws and Updates.

California Department of Public Health / 1 CALIFORNIA DEPARTMENT OF PUBLIC HEALTH Standards and Guidelines for Healthcare Surge during Emergencies How.

Data protection—training materials [Name and details of speaker]

UNDERSTANDING INFORMATION MANAGEMENT (IM) WITHIN THE FEDERAL GOVERNMENT.

Implementing Security Education, Training, and Awareness Programs By: Joseph Flynn.

Understanding Privacy An Overview of our Responsibilities.

Jeju, 13 – 16 May 2013Standards for Shared ICT Dr. Farrokh Khatibi Director of Engineering Qualcomm ATIS and the Smart Grid Document No: GSC17-PLEN-63.

March 23, 2015 Missouri Public Service Commission | Jefferson City, MO.

Data Privacy and Security Data Privacy Self- Assessment Data Security Self- Assessment Video Tips Privacy Legion Newsletter Home ScreenLanding Screen Data.

Understanding Privacy An Overview of our Responsibilities.

Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity

Data Minimization Framework

SMT Format Short Story ‘Access, Control & Convenience’ SMT Format Short Story April 24, 2012.

Introduction to the Federal Defense Acquisition Regulation

GDPR support January GDPR support January 2018.

An Introductory Training to

Red Flags Rule An Introduction County College of Morris

Managing Privacy Risk in Your Commercial Practices

Student Privacy in the age of big data

SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.

Privacy Principles Melinda Clarke.

Presentation transcript:

SMART GRID: Privacy Awareness and Training – for PUCs/PSCs A Starting Point December 2011 SGIP-CSWG Privacy Group 1 DRAFT

SGIP-CSWG Overview 2  SGIP  CSWG  Disclaimer: These slides were created by the CSWG Smart Grid Privacy group to provide a tool for organizations involved with the Smart Grid to use to help facilitate training and awareness about Smart Grid privacy issues and risks. These slides are not endorsed by NIST, nor are they required to be used under any existing law or regulation. They are also not intended to be considered as legal advice.

The Purpose To address privacy issues related to consumer adoption of Smart Grid technologies  Understanding what information may be collected  Limiting the data collected to only that necessary for delivering and billing for services  Describing why information is collected  Explaining how information is used  Knowing how to securely store the information  Knowing who has access to this information  Establishing information retention and disposal standards  Determining how to inform customers and utilities about these practices 3

Our Objective To help promote effective privacy training and awareness communications and activities for all participants within the Smart Grid and provide tools to support this objective that will also document the:  Topics that should be covered  Training/Awareness possibilities  Possible communication methods 4

The Audiences  Users of Smart Grid technologies vary from utility companies to consumers to government and vendors. Each requires a unique approach and message regarding privacy for information related to Smart Grid technologies.  There are many types of audiences involved. 5

Public Utility Commissions (PUCs) Information gathered that should be covered by training and awareness messages  Personal information  Energy usage  Location enabled technologies (e.g., GPS coordinates)  Smart Meter identifiers (e.g., AMI IP address)  Consumer home area network (HAN) / energy management systems and associated data  Plug-in Electric Vehicle (PEV) data  Add other and future topics as needed 6

Topics for PUCs PUCs should cover a wide range of topics to ensure employees and consumers understand the impact, as well as how they may impact the utility companies. 1.Basic privacy principles * 2.Identifying privacy impacting data * 3.How to safeguard data * 4.Applicable laws and regulations * 5.Policies and procedures that include coverage of Smart Grid technologies * 6.Educating consumers about utility privacy practices* 7.Obligations of other entities third party and contracting agents * 8.Data breach notice practices 9.Responding to consumer inquiries about privacy 10.Privacy impact assessment requirements and instruction 11.Other topics applicable to PUC territory * These are necessary for all PUCs 7

Training Possibilities for PUCs Each PUC can choose the best training method and vehicle for its work environment. The following are some of the methods that are good to consider:  Online training modules (produced in-house or outside of the organization)  Webinars  In-house training provided by staff, utilities, or 3 rd party  Videos  Seminars/Conferences  Other training activities  See more ideas within SP "Building an Information Technology Security Awareness and Training Program" at 8

Awareness Possibilities for PUCs 9 Each PUC can choose the best communication method for its work environment and culture. This is limited only by your own imagination. Websites (internal or external) Social media sites Radio/TV Print (i.e., magazines, newspaper, posters) Focus groups Podcasts Whitepapers Libraries Professional associations And others specific to each PUC

Groups to Deliver Education Depending on the targeted audience (external or internal), the individuals or groups that deliver the training and awareness messages can impact the overall acceptance of the message. Here are groups that have expertise in privacy and may be able to provide resources and/or assistance for training activities and/or awareness communications:  Representative from within a utility  PUC training areas  Third party training vendors with expertise in this topic  Government agencies (e.g., DoE, NIST)  FTC for general consumer privacy information  GridWise Architecture Council (GWAC)  National Association of State Utility Consumer Advocates (NASUCA)  Smart Grid Interoperability Panel (SGIP) CyberSecurity Working Group (CSWG)  National Initiative for Cybersecurity Education (NICE)  Federal Information Systems Security Educators' Association (FISSEA)  North American Energy Standards Board (NAESB)  Consumer groups 10