Privacy Impact Assessment takes action on awareness
By Miya Knights,
The Office of the Information Commissioner (ICO) has today launched a major new initiative designed to address a last of awareness of the importance of data privacy and encourage organisations to be proactive in dealing with its threats.
A new privacy impact assessment (PIA) framework and guidebook have been launched at an ICO 'Surveillance Society' event held in Manchester today, designed to equip executives and managers with a way of discerning where potential privacy risks and vulnerabilities lie, as well as potential holes in compliance.
PIAs have come out of qualitative research involving focus groups from around the UK that showed a lack awareness of Data Protection Act (DPA) and related regulatory issues.
Sixty per cent of the 12 discussion groups questioned said they felt they had lost control over the way their personal details are collected and processed, but very few knew what the ICO existed to do, much as less what the DPA was.
Oliver Murphy, managing director of Diagnostics Social & Market Research, presented the research findings and said: "Overall we found people were relatively complacent about the privacy of their data, but incidents like the loss of the HMRC's [Her Majesty's Revenue and Customs] child benefit data disks has certainly helped raised the profile", although he also stressed the research was carried out before disks were lost.
As a result, PIAs are being voluntarily introduced to encourage organisations to help consider and safeguard against the impact on individuals' privacy before developing new IT systems or IT-based products and services.
Launching new guidelines (which are accessible via the ICO website) on PIAs at a conference on the 'surveillance society' in Manchester today, the watchdog will say that the breach at HM Revenue and Customs was a watershed and will call for organisations to implement new safeguards to help protect individuals' privacy.
Jonathan Bamford, assistant ICO commissioner told IT PRO that the concept of PIAs had been introduced voluntarily or through regulation in other countries and had been successful in raising data privacy concerns on an enterprise and individual, consumer level.
"The keyword here is systematic," he said. "The handbook contains breaks the PIA process down and allows companies to refer to only the parts that affect them, as well as regulation in addition to the DPA that they might need to consider."
The ICO will look for feedback from early adopters of the PIA scheme, which it said could help prove compliance efforts, while it will also look to launch a user group in the coming months if the level of PIA take-up is sufficient.
advertisement
Latest Internet Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 mobile features of 2009
- Top 10 security predictions for 2009
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- Top 10 business phones of 2008
- 15 tech charities that need your help
- PCI's Bob Russo: Data loss hurts brand more than a fine
Latest Internet Reviews
Fujitsu Siemens FibreCAT SX80 iSCSI
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with Easynet Connect's Chris Stening
PlayIT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?