Difference between revisions of "Other Activities"

From IPEN Wiki
Jump to navigation Jump to search
Line 41: Line 41:
|-
|-
| Context
| Context
| <br/>
| <span style="color: rgb(44, 44, 40); font-family: Arial, Helvetica, sans-serif; font-size: 12.996000289917px; line-height: normal; text-align: justify;">CNIL is the French DPA. It has produced two guidelines in November 2012</span>
*a methodology for managing the risks that can affect the individuals ;
*&nbsp;a catalogue of measures and best practices to treat the risks identified with the methodology.
<span style="color: rgb(44, 44, 40); font-family: Arial, Helvetica, sans-serif; font-size: 12.996000289917px; line-height: normal; text-align: justify;">The two new guides propose a way to build a comprehensive analysis to handle complex personal data processing operations. These documents are primarily intended for use by controllers, data protection officers (DPO) and chief information security officers (CISO). They assist them in creating a rational understanding of the risks arising from the processing of personal data and to choose necessary and sufficient organizational and technical measures to protect privacy.</span><br/>
|-
|-
| <br/>
| URL
| <br/>
| English web page:&nbsp;[http://www.cnil.fr/english/news-and-events/news/article/the-cnil-publishes-an-english-translation-of-its-two-advanced-security-and-privacy-risk-management/ http://www.cnil.fr/english/news-and-events/news/article/the-cnil-publishes-an-english-translation-of-its-two-advanced-security-and-privacy-risk-management/]
|-
|-
| <br/>
| Document
| <br/>
|
Methodology to manage risk:&nbsp;[http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Methodology.pdf http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Methodology.pdf]
 
Measures for the privacy risk treatment:&nbsp;[http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Measures.pdf http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Measures.pdf]
 
|-
|-
| <br/>
| Comments
| <br/>
| <br/>
|}
|}

Revision as of 10:39, 19 June 2015

Introduction

This pages covers other activities which could be of interest: guidelines, papers, events

Guidelines

EC Data Protection Impact Assessment Template for Smart Grid and Smart Metering Systems

Context

The Smart Grids Task Force was set up by the European Commission in 2009 to advise on issues related to smart grid deployment and development. One of the working group (WG2) is on security and privacy.

The EC has provided a Data Protection Impact Assessment Template for smart grid and smart metering systems.

The EC has decided to have a two-year trial of the template starting from March 2015.

URL

Smart grid task force: http://ec.europa.eu/energy/en/topics/markets-and-consumers/smart-grids-and-meters

Test phase for template: https://ec.europa.eu/energy/en/test-phase-data-protection-impact-assessment-dpia-template-smart-grid-and-smart-metering-systems

Documents Template document: https://ec.europa.eu/energy/sites/ener/files/documents/2014_dpia_smart_grids_forces.pdf
Comments

[Antonio Kung] 

  • Integrates lots of input from CNIL risk analysis

CNIL Privacy Risk analysis

Context CNIL is the French DPA. It has produced two guidelines in November 2012
  • a methodology for managing the risks that can affect the individuals ;
  •  a catalogue of measures and best practices to treat the risks identified with the methodology.

The two new guides propose a way to build a comprehensive analysis to handle complex personal data processing operations. These documents are primarily intended for use by controllers, data protection officers (DPO) and chief information security officers (CISO). They assist them in creating a rational understanding of the risks arising from the processing of personal data and to choose necessary and sufficient organizational and technical measures to protect privacy.

URL English web page: http://www.cnil.fr/english/news-and-events/news/article/the-cnil-publishes-an-english-translation-of-its-two-advanced-security-and-privacy-risk-management/
Document

Methodology to manage risk: http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Methodology.pdf

Measures for the privacy risk treatment: http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Measures.pdf

Comments

NIST study on privacy risk management framework

Papers

Events