BUSL315- How to assess privacy risks in new technologies businesses- IT assignment help

BUSL315- How to assess privacy risks in new technologies businesses- IT assignment help

Code- BUSL315 assignment help

Subject- IT assignment help

Overview

• Privacy by Design
• History of Privacy Impact Assessments
• Features of a Privacy Impact Assessment?
• Why do a PIA?
• Features of a Good PIA
• Steps in a Privacy Impact Assessment
• Supply Chain PIAs
• PIA Reports
• Ethics & Social Licence
• APP Questions to Consider

A Choice

• Privacy Invading Technologies (PITs) or
• Privacy Enhancing Technologies (PETs)

Privacy by Design

• 1960s: Developed by architecture and building firms for physical privacy
• 1990s: Ann Cavoukian in Canada applied the concept to information privacy
• Goal is to embed privacy into the product and service lifecycle for businesses and government
• Has been widely endorsed by privacy regulators around the world
• 2018: included as an obligation in Article 25 of the GDPR

Privacy by Design

1. Proactive, not Reactive; Preventative, not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality
5. End−to−End Security − Full Lifecycle Protection
6. Visibility and Transparency − Keep It Open
7. Respect for User Privacy − Keep it User−Centric

History of Privacy Impact Assessments

• Late 1960s: Fair Information Practices
  • The “self−discipline on the part of the executive branch will provide an answer to virtually all of the legitimate complaints against excesses of information−gathering” − William Rehnquist 1971 (US Justice Dept, later Chief Justice of the Supreme Court)
  • FIP concerns led to the 1980 OECD Guidelines designed to “advance the free flow of information and to avoid the creation of unjustified obstacles to the development of economic and social relations among Member countries”
  • 1995−> Privacy Impact Assessments emerge
    • Inspired by Environmental Impact Assessments
    • “A belated public reaction against privacy invasive actions”; OR
    • “A natural development of rational management techniques”

–   Roger Clarke 2009

–   Early leaders: Canada and New Zealand

• 2018: EU’s GDPR Article 35 − PIAs are now mandatory where there are high risks, with fines for non−compliance

Why do a PIA?

• Builds trust by the public and employees in the organisation
• Reduces reputation risk
• Reduces management time
• Helps improve decision−making
• Reduces legal expenses
• Minimises probability of causing costly privacy harms
• Enables organisation to demonstrate its compliance and risk maturity capability
• Minimises probability of adverse findings during an audit or regulator investigation
• Evidence that the organisation acted appropriately to attempt to minimise the probability of privacy harms

Features of (good) PIAs

• Is a form of risk management
• Performed on a project or initiative (distinct from a privacy strategy)
• Anticipatory in nature (in advance of or parallel to an initiative − f. an audit)
• Broad in scope (looks also at the interests of those affected − f. an internal costƒbenefit analysis)
• Broad scope of analysis (not just strict compliance with legal obligations, legitimacy, proportionality, participation, ethics and social licence are also considered)
• Both problem and solution focused
• Emphasises the assessment process (future consequences)
• Requires intellectual engagement from senior stakeholders (not a mere checklist)
• PIA Report is made publicly available, signed off by senior management (subject to any security concerns, where a summary is published)
• Contributes to “organisational memory”

Steps in a PIA

1. Determine whether a PIA is necessary (threshold analysis)
2. Identify the PIA team, its terms of reference, resources and time frame
3. Prepare a PIA Plan − who does what, when and with whom will you consult
4. Agree on the budget for the PIA
5. Project description (link to corporate strategy, external environment and competitive landscape)
6. Identify relevant stakeholders
7. Analyse the information flows and privacy framework
8. Privacy impact analysis
9. Consult with stakeholders
10. Check the project complies with relevant legislative requirements
11. Identify risks and possible solutions
12. Formulate recommendations
13. Prepare and publish the PIA Report
14. Implement the Recommendations
15. Third−party review andƒor audit of the PIA & its implementation
16. Update the PIA if there are any changes
17. Incorporate identified risks into a centralised risk register
18. Embed Privacy awareness throughout the organisation and ensure accountability

A PIA Flow− chart (Vict)

BUSL315- How to assess privacy risks in new technologies businesses- IT assignment help

This is an IT assessment task which is based upon the topic. "how to carry out an assessment of privacy risks  in new technologies businesses?" The points to be included in the course work are clearly mentioned in the question file. IT assignments and other course work are always challenging for many of the students during their entire course work. The students are required to complete the BUSL315 assignments within the stipulated. of time. This probably can be the worst nightmare for many of the students. So, if you are facing the same issue, you can take our premium BUSL315 assignment help. Our team of best Australian writers and tutors provide extraordinary BUSL315- How to assess privacy risks in new technologies businesses? IT assignment help. From the past several years, we have been working with the students from all over the world and can cover BUSL315 assignments, no matter what the topic is. Get ready to elevate your academic performance with the help of our academic writing service. Place your order and get attractive discount.