mNo edit summary Tag: sourceedit |
mNo edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 5: | Line 5: | ||
{{Quote|focuses on providing guidance that can be used to decrease [[privacy risk]]s, and enable organizations to make purposeful decisions about [[resource allocation]] and [[effective]] [[implementation]] of controls in [[information system]]s.<ref>[[NIST]], "Privacy Engineering at NIST" ([http://csrc.nist.gov/projects/privacy_engineering/index.html full-text]).</ref>}} |
{{Quote|focuses on providing guidance that can be used to decrease [[privacy risk]]s, and enable organizations to make purposeful decisions about [[resource allocation]] and [[effective]] [[implementation]] of controls in [[information system]]s.<ref>[[NIST]], "Privacy Engineering at NIST" ([http://csrc.nist.gov/projects/privacy_engineering/index.html full-text]).</ref>}} |
||
| − | {{Quote|is a collection of methods to support the [[mitigation]] of [[risk]]s to individuals arising from the [[data processing|processing]] of their [[personal information]] within [[information system]]s.<ref>[[Privacy Risk Management |
+ | {{Quote|is a collection of methods to support the [[mitigation]] of [[risk]]s to individuals arising from the [[data processing|processing]] of their [[personal information]] within [[information system]]s.<ref>[[An Introduction to Privacy Engineering and Risk Management in Federal Systems]], at 28.</ref>}} |
| + | |||
| + | {{Quote|[is] a specialty discipline of [[systems engineering]] focused on achieving freedom from conditions that can create problems for individuals with unacceptable consequences that arise from the [[system]] as it [[process]]es [[PII]].<ref>[[An Introduction to Privacy Engineering and Risk Management in Federal Systems]], at iv.</ref>}} |
||
| + | |||
| + | {{Quote|an approach to [[business process]] and [[technology architecture]] that combines various [[methodologies]] in design, [[deployment]] and [[governance]]. Properly [[implement]]ed, it yields an end result with both: |
||
| + | |||
| + | * Easily [[accessible]] [[functionality]] to fulfill the [[Organisation for Economic Co-operation and Development]] ([[OECD]]) eight [[privacy principles]] and, |
||
| + | * [[Mitigation]] against the impact of a [[breach of personal data]] by reimagining defense in depth from a [[privacy]]-centric vantage. |
||
| + | |||
| + | The [[process]] involves ongoing re-calculation and re-balancing of the [[risk]] to the individual [[data owner]] while preserving optimum utility for personal [[data-processing]] use cases.<ref>Gartner, IT Glossary ([https://www.gartner.com/it-glossary/ full-text])</ref>}} |
||
== References == |
== References == |
||
Latest revision as of 04:30, 23 September 2018
Definitions[]
Privacy engineering
| “ | focuses on providing guidance that can be used to decrease privacy risks, and enable organizations to make purposeful decisions about resource allocation and effective implementation of controls in information systems.[1] | ” |
| “ | is a collection of methods to support the mitigation of risks to individuals arising from the processing of their personal information within information systems.[2] | ” |
| “ | [is] a specialty discipline of systems engineering focused on achieving freedom from conditions that can create problems for individuals with unacceptable consequences that arise from the system as it processes PII.[3] | ” |
| “ | an approach to business process and technology architecture that combines various methodologies in design, deployment and governance. Properly implemented, it yields an end result with both:
The process involves ongoing re-calculation and re-balancing of the risk to the individual data owner while preserving optimum utility for personal data-processing use cases.[4] |
” |
References[]
- ↑ NIST, "Privacy Engineering at NIST" (full-text).
- ↑ An Introduction to Privacy Engineering and Risk Management in Federal Systems, at 28.
- ↑ An Introduction to Privacy Engineering and Risk Management in Federal Systems, at iv.
- ↑ Gartner, IT Glossary (full-text)