ICO calls for privacy impact assessments

By

The UK's Information Commissioner's Office (ICO) is calling for organisations to make sure they consider the personal privacy implications of installing or developing new IT systems.

ICO calls for privacy impact assessments
At a surveillance conference in Manchester the ICO highlighted the breach at HM Revenue and Customs, saying it was a watershed and will call for organisations to implement new safeguards to help protect individuals' privacy.

"Very often the collection and use of personal information is essential and beneficial to modern life but many people do not realise that data collection is at the heart of surveillance," said David Smith, deputy commissioner at the ICO.

"Each time someone gives away their personal information they leave electronic footprints which build up a picture of every aspect of their daily lives. It is essential that before introducing new systems and technologies, which could accelerate the growth of a surveillance society, full consideration is given to the impact on individuals and that safeguards are in place to minimise intrusion. Privacy impact assessments are a common sense approach to help organisations develop privacy friendly ways of working."

The ICO will also be producing a privacy impact assessment handbook designed to help organisations address the risks to personal privacy before implementing new initiatives and technologies, thereby helping to increase public confidence in data collection.

Research commissioned by the ICO shows that six out of ten individuals believe they have lost control over the way their personal information is handled.

"Before giving out any personal information we advise individuals to make sure they know who they are giving their details to, why these details are needed and how they will be used," added Smith.

"If individuals are not satisfied with the response they should not feel obliged to give out their details they should simply ask to move on to the next question. In order to have trust in an organisation, individuals must be confident that their information is held securely and processed in line with data protection rules."

The ICO advises that anyone who processes personal information must make sure that data is:
• Fairly and lawfully processed
• Processed for limited purposes
• Adequate, relevant and not excessive
• Accurate and up to date
• Not kept for longer than is necessary
• Processed in line with your rights
• Secure
• Not transferred to other countries without adequate protection

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
callsforicoimpactprivacysecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?