Definitions[]
Privacy engineering
“ | focuses on providing guidance that can be used to decrease privacy risks, and enable organizations to make purposeful decisions about resource allocation and effective implementation of controls in information systems.[1] | ” |
“ | is a collection of methods to support the mitigation of risks to individuals arising from the processing of their personal information within information systems.[2] | ” |
“ | [is] a specialty discipline of systems engineering focused on achieving freedom from conditions that can create problems for individuals with unacceptable consequences that arise from the system as it processes PII.[3] | ” |
“ | an approach to business process and technology architecture that combines various methodologies in design, deployment and governance. Properly implemented, it yields an end result with both:
The process involves ongoing re-calculation and re-balancing of the risk to the individual data owner while preserving optimum utility for personal data-processing use cases.[4] |
” |
References[]
- ↑ NIST, "Privacy Engineering at NIST" (full-text).
- ↑ An Introduction to Privacy Engineering and Risk Management in Federal Systems, at 28.
- ↑ An Introduction to Privacy Engineering and Risk Management in Federal Systems, at iv.
- ↑ Gartner, IT Glossary (full-text)