Making Privacy Impact Assessment More Effective

Information Society

Volumn 29, Issue 5, 2013, Pages 307-315

  Wright, David ^a  

^a Trilateral Research and Consulting LLP: Trilateral Research Ltd   (United Kingdom)

Author keywords

consultation; PIAF; privacy impact assessment; privacy risks; stakeholders

Indexed keywords

EID: 84886414274     PISSN: 01972243     EISSN: 10876537     Source Type: Journal    
DOI: 10.1080/01972243.2013.825687     Document Type: Review

References (25)

1. Article 29 Data Protection Working Party. 2012. Opinion 01/2012 on the data protection reform proposals, Brussels, 23 March. http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp191_en.pdf (accessed June 22, 2013)
2. Cabinet Office. 2008a. Cross government actions: Mandatory minimum measures. http://www.cabinetoffice.gov.uk/sites/default/files/resources/cross-gov-actions.pdf (accessed June 22, 2013)
3. Cabinet Office. 2008b. Data handling procedures in government: Final report. June. http://www.cabinetoffice.gov.uk/sites/default/files/resources/final-report.pdf (accessed June 22, 2013)
4. Clarke, R. 2012. " PIAs in Australia: A work-in-progress report ". In Privacy impact assessment, Edited by: Wright, David and de Hert, Paul. 119 - 48. Dordrecht, The Netherlands: Springer.
5. Commission Nationale de l'Informatique et des Libertés (CNIL), Methodology for Privacy Risk Management, Paris. 2012. http://www.cnil.fr/fileadmin/documents/en/CNIL-ManagingPrivacyRisks-Methodology.pdf (accessed June 22, 2013)
6. European Commission. 2012. Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). COM(2012) 11 final, Brussels, 25 January. http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm (accessed June 22, 2013)
7. Finn, R., Wright, D. and Friedewald, M. 2013. " Seven types of privacy ". In European data protection: Coming of age?, Edited by: Gutwirth, S., Leenes, R. De Hert, P. 3 - 32. Dordrecht, The Netherlands: Springer.
8. Health Information and Quality Authority. 2010a. Guidance on privacy impact assessment in health and social care Dublin December http://www.hiqa.ie/resource-centre/professionals (accessed June 22, 2013)
9. Health Information and Quality Authority. 2010b. International review of privacy impact assessments http://www.hiqa.ie/standards/information-governance/health-information-governance (accessed June 22, 2013)
10. Information Commissioner's Office. 2009. privacy impact assessment handbook, Version 2.0, Cheshire, UK: Wilmslow. http://www.ico.gov.uk/upload/documents/pia_handbook_html_v2/index.html (acc- essed June 22, 2013)
11. International Organization for Standardization. 2011. Information technology-Security techniques-Information security risk management, ISO/IEC 27005:2011, Second edition Geneva 1 June http://www.iso.org/iso/catalogue_detail?csnumber=56742 (accessed June 22, 2013)
12. Office of Management and Budget. 2003. OMB guidance for implementing the privacy provisions of the E-Government Act of 2002 Washington, DC September 26 http://www.whitehouse.gov/omb/memoranda/m03-22.html (accessed June 22, 2013)
13. Office of the Chief Information and Privacy Officer. 2010. Privacy impact assessment guide for the Ontario Public Service, Toronto: Queen's Printer for Ontario.
14. Office of the Information and Privacy Commissioner of Alberta. 2009. Privacy impact assessment (PIA) requirements For use with the Health Information Act. January www.OIPC.ab.ca (accessed June 22, 2013)
15. Office of the Privacy Commissioner. 2008. Guidance note for departments seeking legislative provision for information matching, 16 May, Appendix B. http://privacy.org.nz/guidance-note-for-departments-seeking-legislative-provision-for-information-matching/#appendix (accessed June 22, 2013)
16. Office of the Privacy Commissioner. 2007. Privacy impact assessment handbook Auckland/Wellington http://privacy.org.nz/assets/Files/Brochures-and-pamphlets-and-pubs/48638065.pdf (accessed June 22, 2013)
17. Office of the Privacy Commissioner. 2010. Privacy impact assessment guide Sydney NSW, August 2006, revised May http://www.oaic.gov.au/privacy/privacy-resources/privacy-guides/privacy-impact-assessment-guide (accessed June 22, 2013)
18. Office of the Victorian Privacy Commissioner. 2009. Privacy impact assessments-A guide for the Victorian public sector, Edition 2 Melbourne April http://www.privacy.vic.gov.au/domino/privacyvic/web2.nsf/pages/guidelines (accessed June 22, 2013)
19. Stoddart, Jennifer. 2012. " Auditing privacy impact assessments: The Canadian experience ". In Privacy impact assessment, Edited by: Wright, D. and de Hert, P. 419 - 36. Dordrecht, The Netherlands: Springer.
20. Treasury Board of Canada Secretariat. 2002. Privacy impact assessment guidelines: A framework to manage privacy risks Ottawa August 31 http://www.tbs-sct.gc.ca/pubs_pol/ciopubs/pia-pefr/paipg-pefrld1-eng.asp (accessed June 22, 2013)
21. Treasury Board of Canada Secretariat. 2010. Directive on privacy impact assessment. Ottawa, April 1. http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=18308§ion=text#cha1 (accessed June 22, 2013)
22. Wright, D. 2012. The state of the art in privacy impact assessment. Computer Law & Security Review, 28 (1): 54 - 61.
23. Wright, D., Wadhwa, K., De Hert, P. and Kloza, D. 2011. PIAF deliverable D1, September. http://www.piafproject.eu/ref/PIAF_D1_21_Sept2011Revlogo.pdf (accessed June 22, 2013)
24. Wright, D. and De Hert, P. 2012. Privacy impact assessment, Dordrecht, The Netherlands: Springer.
25. Wright, D., Finn, R. and Rodrigues, R. 2013. A comparative analysis of privacy impact assessment in six countries. Journal of Contemporary European Research, 9 (1): 160 - 80.