On 7 August, the Information Commissioner’s Office announced the appointment of Watson Hall Ltd and John Leach Information Security Ltd for a special ICO project. They are jointly to undertake a project for the ICO to research and develop an easily understandable and compelling business case that will help organisations to justify and implement privacy protection within their business processes and systems.
To support their research and to fulfil their aim of bringing together a wide range of views, they will be conducting a number of interviews but they have now published a discussion document. The discussion document aims to describe and expand upon a number of central issues relevant to the project work and will be the primary means by which Watson Hall Ltd and John Leach Information Security Ltd will be soliciting input from contributors. They seek input from all types of organisations that collect and process personal information, other interested organisations, and individuals.
The discussion document version 1.2 was published on Tuesday 25 August 2009 (236 kB PDF, 24 pages A4).
Background
The Privacy by Design report, commissioned by the ICO in 2008, identified the absence of a soundly argued business case for investing in privacy friendly systems and business processes as one of the barriers to more proactive privacy protection.
In order to address this aspect, the ICO has commissioned Watson Hall Ltd and John Leach Information Security Ltd to develop a document setting out the business case for investing in proactive privacy protection in existing or new business processes. This will involve understanding the organisational processes involved in procuring, implementing and changing information systems and business processes across the public, private and professional services sectors, researching the value of personal information as an asset and quantifying the risk to personal information.
eck here periodically.
Providing contributions
Watson Hall Ltd and John Leach Information Security Ltd ask potential contributors to send input by e-mail to privacy.protection@jlis.co.uk with “Discussion Document Contribution” in the subject line. They ask for all responses to be submitted by 15 September 2009.
For more information, see http://www.watsonhall.com/methodology/privacy-protection.pl.
