TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Canada Dashboard Digest | Notes from the IAPP Canada Managing Director, February 24, 2017 Related reading: Australia and Chinese Taipei join APEC's Cross-Border Privacy Rules System

rss_feed
PrivacyTraining_ad300x250.Promo1-01

""

There’s a news story this week (below) about a government computer system not having the necessary privacy protections built into it. It’s actually a follow-up investigation by the British Columbia Auditor General, who went public with her disappointment that the government had not yet fixed the system.

I suppose these stories are going to continue for some time into the future. There just aren’t enough people responsible for building and implementing systems who are versed in privacy know-how. It’s odd, for me, because I’m knee-deep in it, but stories like this remind me that in many ways we’re still at the beginning stages of this privacy industry.  There’s still lots of ground to cover and educating to do, connections to be made with other key professional groups.

I’m particularly interested in this type of news story this week because we’re just putting the finishing touches on three separate PIAs. All for government bodies, and all because they are implementing new systems. The PIA exercise is a great tool to catch privacy risks and, if done properly, will also be helpful in figuring out ways to mitigate those risks.

I’m a little surprised, actually, that the story about the British Columbia Auditor General doesn’t mention that one way the government failed was by not conducting a PIA. In my mind, had they taken that first and crucial step, the privacy problems would likely not have materialized in the first place.

And they definitely wouldn't have become national news. 

Comments

If you want to comment on this post, you need to login.