In this paper, we compared the requirements of a previously developed manual with those of ISO/IEC 29134:2017 and analyzed the changes. As a result, there were no major differences in requirements. It is useful to conduct a privacy impact assessment (PIA) before actually operating a system, in order to appropriately construct and operate a system that handles personal information. A manual (procedure manual) is necessary to implement PIA efficiently. In June 2017, ISO issued ISO/IEC 29134:2017 as an international standard on PIA. Because the past PIA manual was developed based on ISO 22307:2008, development of a PIA manual conforming to ISO/IEC 29134:2017 was required. According to our analysis, as newly stated matters, ISO/IEC 29134:2017 explicitly indicated due diligence, stakeholder engagement, and risk countermeasures. Based on the analysis results, we propose a new PIA manual reflecting the requirements of ISO/IEC 29134:2017.
CITATION STYLE
Shin, S., Seto, Y., Hasegawa, K., & Nakata, R. (2018). Proposal for a privacy impact assessment manual conforming to ISO/IEC 29134:2017. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11127 LNCS, pp. 486–498). Springer Verlag. https://doi.org/10.1007/978-3-319-99954-8_40