Privacy Impact Assessments: International experience as a basis for UK Guidance

Warren, Adam P.; Bayley, Robin; Bennett, Colin J.; Charlesworth, Andrew; Clarke, Roger; Oppenheim, Charles

doi:10.1016/j.clsr.2008.03.003

Cited by 30 publications

(7 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It was a cognitive evaluation to check the feasibility of the research that will lead to the next comprehensive privacy protection guideline that suits the Malaysian culture. The methods of investigation conducted were adjusted from UK's three main procedures (Warren et al, 2008); i. The analysis was referred to relevant legislation and policy -OECD Guidelines, PHIPA and HIPC.…”

Section: Methodsmentioning

confidence: 99%

Towards Implementing a Privacy Policy: An Observation on Existing Practices in Hospital Information System

Samsuri¹,

Ahmad²,

Ismail³

2011

JEHM

View full text Add to dashboard Cite

In order to safeguard the confidentiality and sensitivity of personal health information belongs to individual, a privacy law is needed to be in place. There are numerous cases of unauthorised intrusions of personal health information occurred but no legal action can be exerted due to the absence of a privacy act in Malaysia. Therefore, a preliminary observation has been conducted to review the current privacy implementations in management of personal health information at Malaysian government hospitals. Analysis was conducted based on OECD Fair Information Practices Guideline which has been the benchmark of most of the privacy and data protection legislation in the world. Interviews were conducted with key personnel in medical informatics and legal expertise using Privacy Impact Assessment (PIA) technique as guidance. The findings of the observation were then compared with the existing health information privacy acts. Then, recommendations were made to include those findings in the proposed privacy law or policy in Malaysia.

show abstract

Section: Methodsmentioning

confidence: 99%

Towards Implementing a Privacy Policy: An Observation on Existing Practices in Hospital Information System

Samsuri¹,

Ahmad²,

Ismail³

2011

JEHM

View full text Add to dashboard Cite

show abstract

“…Stewart (1999) also conducted research to evaluate how to improve the implementation of PIAs, and concluded that they could become a powerful vehicle for effective regulation. Warren et al (2008) sought to understand how one country (the United Kingdom, in this case) could learn from the experience of other countries in its use of PIAs to be effective in protecting information privacy, when systems and technologies affect information sharing. A current effort is unfolding in North America with the activities of the AICPA in the United States and the CICA in Canada.…”

Section: What Safeguards Are Needed At a Societal Level?mentioning

confidence: 99%

A Survey of Consumer Information Privacy from the Accounting Information Systems Perspective

Kauffman

Lee

Prosch

et al. 2011

Journal of Information Systems

View full text Add to dashboard Cite

The information privacy of consumers is an important public policy issue in today's society, and one that businesses, industries, and governments are continuing to struggle with as information technology (IT) innovations create ever-stronger impacts. In this article, we explore consumer information privacy issues and review the results of related prior research. We provide a survey of the literature on information privacy based on our assessment from: (1) the societal and public policy perspective, (2) the business practices perspective, and (3) the individual privacy and consumer behavior perspectives that relate to the disclosure of private information by individuals to firms. From the societal and public policy perspective, we identify a number of research directions that relate to the social welfare implications of personal information surveillance, the safeguards needed at the societal level, and the nature of privacy-enhancing regulations. From the business practices perspective, we suggest other research directions that involve the examination of factors influencing organizational choices of privacy practices. We also offer some ways to discover how organizations can leverage their investments in information privacy. The individual and consumer behavior perspective, in turn, prompts Accounting Information Systems (AIS) researchers to look at the nature of people's beliefs and attitudes about privacy; the ways such attitudes affect their intentions and behaviors; and how individuals' behaviors can be influenced by organizational privacy policies and practices. The main contribution of this article is to understand these issues and identify opportunities for AIS researchers to enrich the current body of knowledge on this critical topic.

show abstract

“…Privacy impact assessment (PIA) refers to a systematic assessment which can be incorporated in decision-making in privacy management [40]. Certain guidelines have been developed and released by organizations cross different countries [10,9,11].In a PIA template, each privacy risk can be evaluated by combining the quantities of impact and likelihood that it can cause [39].…”

Section: Privacy Assessmentmentioning

confidence: 99%

From Data Disclosure to Privacy Nudges: A Privacy-Aware and User-Centric Personal Data Management Framework

Lü

Ioannou

et al. 2019

Communications in Computer and Information Science

View full text Add to dashboard Cite

0000−0002−0583−2688] , Shujun Li 1( )[0000−0001−5628−7328] , Athina Abstract. Although there are privacy-enhancing tools designed to protect users' online privacy, it is surprising to see a lack of user-centric solutions allowing privacy control based on the joint assessment of privacy risks and benefits, due to data disclosure to multiple platforms. In this paper, we propose a conceptual framework to fill the gap: aiming at the user-centric privacy protection, we show the framework can not only assess privacy risks in using online services but also the added values earned from data disclosure. Through following a human-in-the-loop approach, it is expected the framework provides a personalized solution via preference learning, continuous privacy assessment, behavior monitoring and nudging. Finally, we describe a case study towards "leisure travelers" and several future areas to be studied in the ongoing project.

show abstract

Privacy Impact Assessments: International experience as a basis for UK Guidance

Cited by 30 publications

References 0 publications

Towards Implementing a Privacy Policy: An Observation on Existing Practices in Hospital Information System

Towards Implementing a Privacy Policy: An Observation on Existing Practices in Hospital Information System

A Survey of Consumer Information Privacy from the Accounting Information Systems Perspective

From Data Disclosure to Privacy Nudges: A Privacy-Aware and User-Centric Personal Data Management Framework

Contact Info

Product

Resources

About