Business case for investing in proactive privacy protection

business case for investing in pro-active privacy protection

Watson Hall Ltd and John Leach Information Security Ltd are jointly undertaking a project for the United Kingdom Information Commissioner's Office (ICO) to research and develop an easily understandable and compelling business case that will help organisations to justify and implement privacy protection within their business processes and systems. On 7th August 2009 the ICO announced the appointment and forthcoming discussion document.

Background

The Privacy by Design report, commissioned by the ICO in 2008, identified the absence of a soundly argued business case for investing in privacy friendly systems and business processes as one of the barriers to more proactive privacy protection.

In order to address this aspect, the ICO has commissioned us to develop a document setting out the business case for investing in proactive privacy protection in existing or new business processes. This will involve understanding the organisational processes involved in procuring, implementing and changing information systems and business processes across the public, private and professional services sectors, researching the value of personal information as an asset and quantifying the risk to personal information.

As part of this work, we are undertaking research on the organisational methods involved in implementing business processes and procuring information systems. We are researching and detailing the role and value of personal information for data handlers, covering organisations in the public, private and professional service sectors. We will also be quantifying the potential risks faced by personal information whilst in the hands of data handlers.

Discussion document

The deadline for contributions, 15 September 2009, has now passed. We would like to thank all the people and organisations that have contributed to our research.

To support this research and to bring together a wide range of views, we are conducting a number of interviews and published a discussion document. The discussion document describes and expands upon a number of central issues relevant to this work and was the primary means by which we solicited input from a wide range of knowledgeable contributors. Input from all types of organisations that collect and process personal information, other interested organisations, and individuals was welcomed.

Download

The discussion document version 1.2 was published on Tuesday 25 August 2009 (236 kB PDF, 24 pages A4). This file is also linked from the right hand margin of the page.

If you have any questions, please do not hesitate to contact us (see below).

Contributions

Contributions provided will remain confidential to us and will not be shared with the ICO or any other party. However, we may wish to refer to or quote from contributions though we would ensure that the source of the contribution (either individual or organisation) was not and could not be identified unless the source provided their express consent. Please also read our privacy notice.

News

The ICO is publishing project progress reports and there has been press coverage and discussion elsewhere. Further details of coverage elsewhere.

Contacts

Please use either of the following details to request further information about this project.

John Leach Information Security Ltd logo Watson Hall Ltd logo

John Leach Information Security Ltd

Dr John Leach
Email privacy.protection@jlis.co.uk
Telephone 01264 332 477 / 07734 311 567
Web http://www.jlis.co.uk/

Watson Hall Ltd

Mr Colin Watson
Email privacy.protection@watsonhall.com
Telephone 020 7183 3710 / 07811 132 972
Web http://www.watsonhall.com

Contact Watson Hall

Central London based Watson Hall works with your business and information systems staff, partners and suppliers, including professional advisors such as accountants, auditors, insurers and solicitors. We guide, assist and build security and skills in organisations to reduce security risk.

© 2009 John Leach Information Security Ltd and Watson Hall Ltd, last reviewed 9 October 2009

These pages contain general information only. Nothing in these pages constitutes professional advice. Please read the website's terms of use, and consult a suitably qualified information security professional on any specific problem or matter.

© 2007-2010 Watson Hall Ltd, last reviewed 9 October 2009

http://www.watsonhall.com/methodology/privacy-protection.pl
Watson Hall Ltd - Business case for investing in proactive privacy protection
Requested by: 38.107.191.113 on Tuesday, 9 February 2010 at 00:38 hrs