First Reference company logo

First Reference Talks

News and Discussions on Payroll, HR & Employment Law

decorative image

Privacy risk management – by design


Image taken from:

I’ve discussed the Privacy by Design (PbD) principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.

Now the commissioner has released a paper that discusses the integration of PbD principles into a Privacy Risk Management framework, built on the model of ISO 31000. The paper is aimed at organizations that already have privacy and risk management capabilities in place. As Dr. Cavoukian writes, “By embedding privacy into their existing risk management framework, they will be able to manage risks associated with the protection of personal information, in much the same fashion as any other business risk.”

You can find other useful papers on the Privacy by Design website.

And you can find confidentiality and privacy policies in all of First Reference’s Internal Control Library publications: Information Technology PolicyPro, Not-for-Profit PolicyPro and Finance and Accounting PolicyPro.

Colin Braithwaite
First Reference Internal Controls Managing Editor

Follow me

Colin Braithwaite

Colin Braithwaite has more than 20 years experience in writing and publishing. From 2004–2010, Colin was the Managing Editor responsible for the products in the Internal Control Library at First Reference Inc. Read more
Follow me

Latest posts by Colin Braithwaite (see all)

, , , , , , , , ,

Comments are currently closed.