Privacy Impact Assessment

Griffith University
Instructor: Hui Tian
Mod 4-1 workshop: Privacy Impact Assessment

Objectives
• Understand how to undertake a PIA
• Learn what the APPs regulate

Case Study Part 1: Privacy Impact Assessment (PIA)
As a security officer, you need to evaluate a privacy policy for “The Good Guys” and undertake a PIA to make sure your company’s privacy policy complies with the APPs. In the given case, write a report about the key step in a PIA, “Privacy impact analysis and compliance check”. Check the video at https://www.oaic.gov.au/s/elearning/pia/topic5.html

What projects would benefit from a PIA?
Any project that handles personal information, including designing new products, service delivery or legislation. Examples:
• Undertaking a data matching activity
• Designing a mobile app
• Implementing a new loyalty program
• Considering proposed legislation
• Integrating databases
• Collecting new categories of customer data for direct marketing
• Engaging a third party contractor to manage data handling
• Working on a high risk project

How to undertake a PIA?
• Threshold assessment
• Plan the PIA
• Describe the project
• Identify and consult with stakeholders
• Map information flows
• Privacy impact analysis and compliance check
• Privacy management — addressing risks
• Recommendations
• Report
• Respond and review

Project Description

Background of Pen CS
Objective: Pen CS’s mission is to improve healthcare outcomes for all Australians. They do this for medical practices by providing insights into their patient cohort using locally collated data. It provides these insights, via their software, at time of consult, to a patient based on a locally collated pool of data.

Relationship of Pen CS to APP entities and the collection of personal information
The personal information associated with patient medical records gathered into the Pen CS CAT4 (Clinical Audit Tool) is sent to the service providers, with the aim of:
• Analysing the historical patient data
• Providing valuable alerts and improving the healthcare service

Map information flows
Flow | Description | Legislation | Comment
1 | GP sends the information to CAT4 for analysis | – | Personal information is stored in the GP database
2 | CAT4 de-identifies the records and sends them to the PAT CAT server every month (or longer) | APP 2 | Personal information is de-identified before being sent
… | … | … | …

Compliance Check with APPs

APP 1 — open and transparent management of personal information
The APP entity must have ongoing practices and policies in place to ensure that they manage personal information in an open and transparent way. The APP entity must:
• take reasonable steps to implement practices, procedures and systems that will ensure it complies with the APPs and any binding registered APP code, and is able to deal with related inquiries and complaints
• have a clearly expressed and up-to-date APP Privacy Policy about how it manages personal information
• take reasonable steps to make its APP Privacy Policy available free of charge and in an appropriate form (usually on its website)
• upon request, take reasonable steps to provide a person or body with a copy of its APP Privacy Policy in the particular form requested.

APP 2 — anonymity and pseudonymity
Individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with an APP entity in relation to a particular matter, unless an exception applies.
De-identified information is used to describe records that have had enough PII removed or obscured, also referred to as masked or obfuscated, such that the remaining information does not identify an individual and there is no reasonable basis to believe that the information can be used to identify an individual.
Anonymized information is defined as previously identifiable information that has been de-identified and for which a code or other association for re-identification no longer exists.
A common de-identification technique for obscuring PII is to use a one-way cryptographic function, also known as a hash function, on the PII (see NIST SP 800-122 in the Resources). De-identified information can be assigned a PII confidentiality impact level of low, as long as the following are both true:
• The re-identification algorithm, code, or pseudonym is maintained in a separate system, with appropriate controls in place to prevent unauthorized access to the re-identification information.
• The data elements are not linkable, via public records or other reasonably available external records, in order to re-identify the data.
Question: What technique is used for de-identification?

APP 3 — collection of solicited personal information
• Any personal information collected (other than sensitive information) must be reasonably necessary for (or if the APP entity is an agency, reasonably necessary for or directly related to) one or more of the APP entity’s functions or activities.
• An APP entity must not collect sensitive information about an individual unless one of the exceptions listed in APP 3.3 or APP 3.4 applies, such as if the individual consents and the information is reasonably necessary for (or if the APP entity is an agency, reasonably necessary for or directly related to) one or more of the entity’s functions or activities.
• Personal information can only be collected by lawful and fair means.

APP 4 — dealing with unsolicited personal information
Where an APP entity receives unsolicited personal information, it must determine whether it would have been permitted to collect the information under APP 3. If so, APPs 5 to 13 will apply to that information. If the information could not have been collected under APP 3, and the information is not contained in a Commonwealth record, the APP entity must destroy or de-identify that information as soon as practicable, but only if it is lawful and reasonable to do so.

APP 5 — notification of the collection of personal information
An APP entity that collects personal information about an individual must take reasonable steps to notify the individual, or otherwise ensure the individual is aware, of the matters listed in APP 5.2:
• the APP entity’s identity and contact details
• the fact and circumstances of collection
• whether the collection is required or authorised by law
• the purposes of collection
• the consequences if personal information is not collected
• the APP entity’s usual disclosures of personal information of the kind collected by the entity
• information about the APP entity’s APP Privacy Policy
• whether the APP entity is likely to disclose personal information to overseas recipients, and if practicable, the countries where they are located.

APP 6 — use or disclosure of personal information
An APP entity can only use or disclose personal information for the particular purpose for which it was collected (known as the ‘primary purpose’), or for a secondary purpose if an exception applies, such as where the individual has consented to the use or disclosure of the information.

APP 7 — direct marketing
An organisation must not use or disclose personal information for the purpose of direct marketing unless an exception applies, such as where the individual has consented.
Where an organisation is permitted to use or disclose personal information for the purpose of direct marketing, it must always:
• allow an individual to request not to receive direct marketing communications (also known as ‘opting out’), and
• comply with that request.
An organisation must provide its source for an individual’s personal information, if requested to do so by the individual.

APP 8 — cross-border disclosure of personal information
Before an APP entity discloses personal information to an overseas recipient, the entity must take reasonable steps to ensure that the overseas recipient does not breach the APPs (other than APP 1) in relation to the information, unless an exception applies, such as where the individual has given informed consent.
An APP entity that discloses personal information to an overseas recipient is accountable for any acts or practices of the overseas recipient in relation to the information that would breach the APPs (see s 16C of the Privacy Act).

APP 9 — adoption, use or disclosure of government related identifiers
An organisation must not adopt, use or disclose a government related identifier of an individual as its own identifier of the individual unless an exception applies.

APP 10 — quality of personal information
An APP entity must take reasonable steps to ensure that the personal information it collects is accurate, up-to-date and complete.
An APP entity must take reasonable steps to ensure that the personal information it uses and discloses is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant.

APP 11 — security of personal information
An APP entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
Where an APP entity no longer needs personal information for any purpose for which the information may be used or disclosed under the APPs, the entity must take reasonable steps to destroy the information or ensure that the information is de-identified, unless an exception applies.

APP 12 — access to personal information
An APP entity that holds personal information about an individual must give the individual access to that information on request, unless an exception applies.

APP 13 — correction of personal information
An APP entity must take reasonable steps to correct personal information to ensure that, having regard to the purpose for which it is held, it is accurate, up-to-date, complete, relevant and not misleading. This requirement applies where:
• the APP entity is satisfied the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, having regard to a purpose for which it is held, or
• the individual requests the entity to correct the information.
There are minimum procedural requirements in relation to correcting personal information, including when an APP entity must:
• take reasonable steps to notify other APP entities of a correction
• give notice to the individual which includes reasons and available complaint mechanisms if correction is refused
• take reasonable steps to associate a statement with personal information it refuses to correct
• respond to a request for correction or to associate a statement, and
• not charge an individual for making a request, correcting personal information or associating a statement.

Compliance check table
Columns: Privacy principle | Implemented information handling practices | Identified risks / Comments
Rows: APP 1-13 (one row per principle). The APP 12 row is worked through below.

Privacy principle: APP 12 — Access to personal information
• APP 12 requires an APP entity that holds personal information about an individual to give the individual access to that information on request.
• APP 12 also sets out other requirements in relation to giving access, including how access is to be given and when access can be refused. There are separate grounds on which agencies and organisations may refuse to give access.
• APP 12 operates alongside and does not replace other informal or legal procedures by which an individual can be provided with access to information, including, for agencies, the Freedom of Information Act 1982 (FOI Act) that provides a right of access to information held by agencies.
Implemented information handling practices: The CAT4 application only holds an encrypted copy of data that already exists in other systems in use by the General Practice. CAT4 does not offer field requests for details about the patient record data. The Pen CS Privacy Policy has stated that Pen CS excludes itself from acting as a data custodian for patient record data. Therefore the responsibility would fall to the General Practice to either grant or deny access and allocate cost against granting the access.
Identified risks / Comments: If an individual were to request the details of the personal information held by the General Practice about them, the General Practice would derive that information from its Clinical Information Systems, as the CAT4 application only has a copy of a subset of the data. A health service provider who uses the data shared by the GP is not responsible for providing access to personal information.
… (remaining rows)

Recommended actions to address the identified privacy risks
Columns: # | Identified privacy risk | Existing controls that contribute to managing the identified risk | Recommended actions | Comments

Risk 1: Risks in access control of the PAT CAT system
• System users with administrative privileges to PAT CAT are not limited to staff requiring those privileges.
• The system does not log who has accessed data, making it difficult to detect or investigate unauthorised access or misuse.
• Staff are unaware of their privacy, confidentiality, and security obligations.
Existing controls:
• Access is provided only based on passwords.
• Physical security measures such as locks, visitor access, cabinet locks and surveillance have been applied.
• Data is always sent in encrypted form via email.
Recommended actions: The following measures are recommended to ensure better privacy protection.
• Access to the PAT CAT server should be reviewed to ensure only appropriate system administrators have access.
• Apply multi-factor authentication
• Apply a detailed logging and auditing system
• Staff training on a regular basis to ensure that governance policies

Report requirement for Case Study
1. Title (followed by your name and student ID)
2. Executive Summary
3.1 Case description
3.2 Security Operations (choose two out of 3 topics)
– Part 1: Privacy Impact Assessment
– Part 2: Design a questionnaire / Design an AUP
– Part 3: Risk Management and Governance
4. Conclusion and Reflection

Social Engineering and Security Awareness

Resources
• APPs: https://www.oaic.gov.au/privacy/australian-privacy-principles/read-the-australian-privacy-principles
• https://www.oaic.gov.au/agencies-and-organisations/app-guidelines/
• Anrdr_privacy_impact_assessment_template
• General Data Protection Regulation (EU GDPR)
• Healthcare Identifiers Act 2010
• NIST Privacy Framework: An Enterprise Risk Management Tool, 2019
• NIST Special Publication 800-122, “Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)”
• https://www.oaic.gov.au/privacy-law/privacy-act/
• Notifiable Data Breaches (NDB) scheme, Feb. 2018
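To make the de-identification step concrete (flow 2 in the information-flow table, where CAT4 de-identifies records before the monthly send to PAT CAT, and the APP 2 question about which technique is used), here is an added Python example; it is not code from the workshop or from Pen CS. The record fields, the sample values, the practice-held key and the choice of a keyed hash (HMAC-SHA256) rather than a bare hash are all assumptions of this example.

```python
import hmac
import hashlib
from datetime import date

# Assumed field names for a constructed CAT4-style record; not Pen CS's real schema.
DIRECT_IDENTIFIERS = {"name", "medicare_no", "address", "dob"}


def pseudonym(reid_key: bytes, medicare_no: str) -> str:
    # Keyed one-way function (HMAC-SHA256). The key is the "re-identification code"
    # that the NIST text says must live in a separate, access-controlled system at the
    # practice. Without the key nobody receiving the extract can recompute or reverse
    # the pseudonym; a bare unkeyed hash of a short, structured number cannot promise that.
    return hmac.new(reid_key, medicare_no.encode(), hashlib.sha256).hexdigest()


def de_identify(record: dict, reid_key: bytes, as_of: date) -> dict:
    # Drop direct identifiers and generalise quasi-identifiers (age band, postcode
    # prefix) so the remaining fields are not easily linkable to public records,
    # which is the second NIST condition for a "low" confidentiality impact level.
    dob = date.fromisoformat(record["dob"])
    age = as_of.year - dob.year - ((as_of.month, as_of.day) < (dob.month, dob.day))
    decade = age // 10 * 10
    return {
        "pseudo_id": pseudonym(reid_key, record["medicare_no"]),
        "age_band": f"{decade}-{decade + 9}",
        "postcode_prefix": record["postcode"][:2],
        "conditions": sorted(record["conditions"]),
        "last_hba1c": record["last_hba1c"],
    }


def leaks_direct_identifier(record: dict) -> bool:
    # Release gate: the extract sent to PAT CAT must carry none of these fields.
    return any(field in record for field in DIRECT_IDENTIFIERS)


# Constructed sample record and key (not real data; the key stays at the practice).
SAMPLE = {
    "name": "Jane Citizen", "medicare_no": "2123456701", "dob": "1961-03-15",
    "address": "1 Example St", "postcode": "4111",
    "conditions": ["T2DM", "hypertension"], "last_hba1c": 7.4,
}
PRACTICE_KEY = b"constructed-key-held-only-at-the-practice"


def demo() -> dict:
    # Worked run on the constructed sample as at 1 May 2024.
    return de_identify(SAMPLE, PRACTICE_KEY, date(2024, 5, 1))


if __name__ == "__main__":
    out = demo()
    assert not leaks_direct_identifier(out)
    print(out)
```

The same patient yields the same pseudo_id on every monthly send, so longitudinal analysis still works on the PAT CAT side, while re-identification is only possible where the key is held.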
