First Reference Talks

Business, Payroll, Employment Law, Internal Controls & You!

Privacy risk management – by design

Author: Colin Braithwaite

Posted on Thursday, June 10th, 2010 at 10:00


I’ve discussed the Privacy by Design (PbD) principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.

Now the commissioner has released a paper that discusses the integration of PbD principles into a Privacy Risk Management framework, built on the model of ISO 31000. The paper is aimed at organizations that already have privacy and risk management capabilities in place. As Dr. Cavoukian writes, “By embedding privacy into their existing risk management framework, they will be able to manage risks associated with the protection of personal information, in much the same fashion as any other business risk.”

You can find other useful papers on the Privacy by Design website.

And you can find confidentiality and privacy policies in all of First Reference’s Internal Control Library publications: Information Technology PolicyPro, Not-for-Profit PolicyPro and Finance and Accounting PolicyPro.

Colin Braithwaite
First Reference Internal Controls Managing Editor

Tags: confidentiality, employee personal information, PbD, PbD principles, personal information, privacy, privacy and risk management, privacy by design, Privacy Commissioner, privacy legislation
