Asian Personal Data Privacy Forum, Hong Kong, 27 March 20011 Cross-border Data Matching Blair Stewart Assistant Commissioner Office of the Privacy Commissioner.

Slides:

Advertisements

Similar presentations

PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.

Advertisements

Procedural Safeguards

Credit Reporting Privacy Code 2004 New Zealand Credit & Finance Institute luncheon Auckland, 21 February 2005 Presentation by Blair Stewart, Assistant.

1 Bali Process Workshop on Enabling Electronic Exchange of Lost and Stolen Travel Document Information April 2005.

Data Protection Information Management / Jody McKenzie.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

WTO Symposium on Cross-Border Supply of Services Regulatory Issues Related to Cross-Border Trade 29 April 2005 Thomas Chan, Deputy Representative, Hong.

Promoting the Regulatory Recognition Approach to Accelerate Regional Financial Integration APFF Seattle 2014 July 7, 2014.

Training on Data Protection Functions of the Data Protection Office.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

What’s Next What We believe Who We Are Cloud Computing Big data Mobility Social Enterprise.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

Hong Kong Privacy Code on Human Resource Management

Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.

ITIC PERSPECTIVE ON THE EFFECTIVE IMPLEMENTATION OF THE FCTC PROTOCOL ELIZABETH ALLEN ITIC – JULY 2014.

Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.

DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.

1 Members’ Forum  QP Concept and Philosophy  Transitional Arrangements  Accreditation Process.

Privacy Commissioner case notes: A resource from NZ and beyond Blair Stewart Assistant Commissioner Office of the Privacy Commissioner New Zealand Privacy.

© 2010 Plexent – All rights reserved. 1 Change –The addition, modification or removal of approved, supported or baselined CIs Request for Change –Record.

International Trade Logistics Presented by: 21304/2A Leung Yee Man (14) Wong Kin Yee (22) Yeung Kiu Ling (25) Siu Hin Yeung (18) Ieong Man Chi (7)

Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

Student Confidentiality: The FERPA/HIPAA Facts AISD Policy Student Records AISD Procedure AP. 11.

Information Sharing Sheila Logan Information Commissioner’s Office Employability Partnership Event Glasgow 13 August 2009.

The Freedom of Information and Data Protection Legislation An Overview Ann McKeon November 2014.

Enhancement Measures on Teacher Appointment and Related Matters

March 17, Open Source Release of NASA Software GSA/GWU Open Source in Government Conference NASA Open Source Legal Team.

1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Asian Personal Data Privacy.

A Perspective: Data Flow Governance in Asia Pacific & APEC Framework Martin Abrams October 21, 2008.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

Data Protection & FOI Data Protection: Background Human Right to Privacy Unenumerated right under Irish Constitution Explicit right under European Convention.

Data Protection Act AS Module Heathcote Ch. 12.

Shareholder protection in takeover offers and schemes of arrangement Jennifer Payne Professor of Corporate Finance Law, University of Oxford University.

E-Privacy in the New Economy Conference, Hong Kong, 26 March PRIVACY IMPACT ASSESSMENT PIA: Some Approaches, Issues and Examples Blair Stewart Assistant.

Confidentiality A Training Without the Video. Laws FERPA (1976) or the Buckley Amendment (1994) IDEA (1991) KY Safe Schools (1998)

The EU AEO Programme in a global environment European Regional Forum “Partnership: Customs and Business” May 2015, Astana, Kazakhstan.

OPEN GOVERNMENT: IMPLICATIONS FOR INVESTIGATORS Elizabeth Tydd Information and Privacy Commission CEO NSW Information Commissioner November 2014.

Twelve Guiding Principles for the Regulation of Surveillance Camera Systems Presented by: Alastair Thomas Date: 23 rd October 2013.

PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.

1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.

1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Briefing to Asian Data Privacy.

Introducing the Code of Practise for evacuation and first aid fire-fighting equipment The COP when viewed in isolation is nothing more than a document.

Data Protection - Rights & Responsibilities Information Commissioner’s Office Orkney Practice Forum 4 th July 2007.

Online Educational Services. Section Overview Contracts Click-Wrap Agreements Best Practices.

INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

Systemic Reform and Cross border education in APEC economies Presented to the 2nd APEC Symposium on Education Reform Xi’an, China, January 15-17, 2008.

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.

Tax Court of Canada THIRD PARTY INFORMATION IN MAKING ASSESSMENT INTERNATIONAL ASSOCIATION OF TAX JUDGES Lucerne, Switzerland September 4, 2015 The Hon.

Data protection—training materials [Name and details of speaker]

National Statistics - access and disclosure issues for Vital Events data Allan Baker Office for National Statistics.

AEMCPresentation to GWCFPAGE 1 AEMC and Rule changes Presentation to AEMO Gas Wholesale Consultative Forum Kamlesh Khelawan Director This presentation.

Internal Control Principles

Accounts Receivable, Accounts Payable & Cash

Student Confidentiality: The FERPA/HIPAA Facts

General Data Protection Regulation

Data protection issues in regulatory investigations

Data workshop WhOSE DATA IS IT ANYWAY? Alexia Christie

Data Protection Legislation

Move this to online module slides 11-56

Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.

Neopay Practical Guides #2 PSD2 (Should I be worried?)

The Freedom of Information and Data Protection Legislation An Overview

DRAFT ISO 10008:2013 Overview Customer satisfaction — Guidelines for business-to-consumer electronic commerce transactions ISO/TC176 TG 01.

Student Confidentiality: The FERPA/HIPAA Facts

Borderline of social insurance: pensions

Presentation transcript:

Asian Personal Data Privacy Forum, Hong Kong, 27 March Cross-border Data Matching Blair Stewart Assistant Commissioner Office of the Privacy Commissioner New Zealand

Asian Personal Data Privacy Forum, Hong Kong, 27 March Data Sharing arrangements  Certified copies of documents eg birth, qualification, professional record  Request and response eg FOI laws, Mutual assistance laws  Disclosure of complete databases eg published register of teachers, NZ passport database to Australia  Comparisons of data Eg computer matching or data matching

Asian Personal Data Privacy Forum, Hong Kong, 27 March Data Matching meaning #1 Procedure whereby a list of personal data about a number of people held for one purpose is compared with a list of personal data held for another purpose for the purpose of producing or verifying data that may be used for taking adverse action against any person

Asian Personal Data Privacy Forum, Hong Kong, 27 March Data Matching meaning #2 Put another way The computerised comparison of 2 or more sets of records with the objective of seeking out records which relate to the same individual in order to detect cases of interest

Asian Personal Data Privacy Forum, Hong Kong, 27 March Data matching laws examples  Personal Data (Privacy) Ordinance 1995 (HK), Part VI  Privacy Act 1993 (NZ), Part X  Data-matching Program (Assistance and Tax) Act 1990 (Aust)  Computer Matching and Privacy Protection Act (USA)

Asian Personal Data Privacy Forum, Hong Kong, 27 March Typical data matching controls #1 Evaluation Operation Authorisation

Asian Personal Data Privacy Forum, Hong Kong, 27 March Typical Data Matching Controls #2  Authorisation – assess public interest, technical/policy issues, public confidence  Operation – openness, fair processing, protect individual interestes  Evaluation – did it achieve its objectives, is it cost effective, what problems encountered

Asian Personal Data Privacy Forum, Hong Kong, 27 March Operational controls Examples  notice, consent, accuracy, minimisation, security and accountability  Data checking, ability to contest findings  No completely automated decision-making  Destruction of unused data  Robust technical standards  No presumption of guilt

Asian Personal Data Privacy Forum, Hong Kong, 27 March Cross-border Matching NZ proposals  Netherlands-NZ Social Security Agreement  Worldwide Dutch policy  Means tested benefits – cost where o/seas pensions not declared, choice of residence, verification etc  Mutual recovery of debts  Tax and social security depts both involved  Australia-NZ Social Security Agreement  CER, Free movement but limited SS entitlements  Determining periods of residency  Verify entitlements, amounts, debt recovery

Asian Personal Data Privacy Forum, Hong Kong, 27 March Some issues with Cross-border matching  Authorisation processes – suit both jurisdictions?  Which jurisdiction’s law to apply?  What of jurisdictions without data protection laws?  Compatability of data, definitions etc (always an issue anyway)

Asian Personal Data Privacy Forum, Hong Kong, 27 March New NZ framework law  Social Welfare (Transitional Provisions) Amendment Act 2000  New sections on mutual assistance provisions in reciprocity agreements, terms and conditions for recovery of debts and for exchange of data  Safeguards consistent with NZ information matching controls  Privacy Commissioner to report of any proposed agreement include “the adequacy of the privacy protection given in the other country to information about individuals supplied by NZ”

Asian Personal Data Privacy Forum, Hong Kong, 27 March On-going Issues  Combines the issues and complexity of both data matching and TBDF  Bound to be of growing interest to officials and politicians given globalisation and the enhanced ability of computers to sort mass data