NIT2201

IT Profession and Ethics

Session 8
Implementing policy on privacy
Content
• Privacy Impact Assessments
• TrustArc Nymity Privacy Management
Accountability Framework
• Workplace privacy
• General Data Protection Regulation

Privacy Impact Assessments
• A PIA is a procedure that organisations should carry out to:
– understand the privacy implications of what they do
– prevent privacy problems arising
• Office of the Australian Information Commissioner,
“Guide to undertaking privacy impact assessments”,
May 2020 (see Session 8 area for highlighted version of this
resource)
• Sections:
– “What is a privacy impact assessment?” (p. 2)
– “Why do a PIA?” (p. 3)
– “When to do a PIA” (p. 4)
– “9. Report” (p. 30)

TrustArc Nymity Privacy Management
Accountability Framework
• Nymity (previous site – www.nymity.com/about/):
– Was based in Canada and England; later acquired by
TrustArc
– “A dedicated group of privacy professionals make up
Nymity’s research team … former privacy commissioners
and officers, privacy lawyers, privacy consultants, research
analysts and policy experts.”
– “15 Years of Helping Organizations Operationalize
Compliance”
– “privacy management software solutions enable
organizations to achieve and maintain compliance and to
develop privacy programs that demonstrate ongoing data
privacy compliance.”

TrustArc Nymity Privacy Management
Accountability Framework
• Nymity PMAF, GDPR compliant (2021):
download.trustarc.com/dload.php/?f=GGKT1TBF-916
• Contains 13 sections:
– Each section describes some form of support for
privacy (each section deals with a particular part of
the organisation)
– Each section contains “Privacy Management
Activities” for enabling/enhancing privacy in
the organisation

Workplace privacy
• Workplace privacy is an issue in industry
• We’ll go through a best practice guide on
implementing policy for workplace privacy:
– Fair Work Ombudsman (2019), “Best Practice
Guide: Workplace privacy”, Commonwealth of
Australia (see Session 8 area for highlighted
version of this resource)

General Data Protection Regulation
• The General Data Protection Regulation (GDPR) is a
European Union-wide initiative to better support
consumers with their data
• Came into effect May 2018
• “What is the General Data Protection Regulation?”:
www.youtube.com/watch?v=33TzO2CXZIc
• “6 GDPR Compliance examples – GDPR Example”,
www.youtube.com/watch?v=bVap-DYWKjg
• Creating a GDPR-compliant privacy policy:
legenova.com/wizard/privacy_policy/