National Ophthalmology Database UK AMD Audit Data Privacy ...
Privacy Protection Audit and IT Security Problems in Germany
-
Upload
barrett-hall -
Category
Documents
-
view
30 -
download
0
description
Transcript of Privacy Protection Audit and IT Security Problems in Germany
4th Conference on Information Society Infobalt, Vilnius1
Privacy Protection Audit and IT Security Problems in Germany
Dr. Thilo Weichert
Independent Centre for Privacy Protection
Schleswig-Holstein, Germany
4th Conference on Information Society Infobalt, Vilnius2
Privacy Protection Audit and IT Security Problems in Germany
One-sided focus on legal aspects
Too much geared towards Rules and Prohibitions
Lack of incentive for good Privacy Protection Concepts
Customers and Citizens not enough involved
Reasons for the Establishment of the Privacy Protection Audit
Shortcomings of the previous Privacy Protection System
4th Conference on Information Society Infobalt, Vilnius3
Privacy Protection Audit and IT Security Problems in Germany
Privacy Protection makes an arrival at the free economy
Influence on the technical Design
Increased Possibility for Control
Privacy Protection as a winning Model
Reasons for the Establishment of the Privacy Protection Audit
4th Conference on Information Society Infobalt, Vilnius4
Privacy Protection Audit and IT Security Problems in Germany
Federal Data Protection Act
Member States‘ Privacy Protection Acts
Privacy Protection Act of Schleswig-Holstein
Privacy Protection Audit
IT Seal of Quality
Legal Situation in Germany
4th Conference on Information Society Infobalt, Vilnius5
Privacy Protection Audit and IT Security Problems in Germany
Legal Situation
Rules
How to execute the Audit
Subject of the Audit
Public Authorities Parts of Public Authorities Administrative Proceedings
Privacy Protection Audit in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius6
Privacy Protection Audit and IT Security Problems in Germany
On voluntary Basis
Increasing Personal Responsibility
Using the Audit as an Image und Commercial factor
Privacy Protection Audit in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius7
Privacy Protection Audit and IT Security Problems in Germany
Examining the current Privacy Protection Situation
Determination of Privacy Protection Aims
Establishment of a Privacy Protection Management System
Appraisal by the Independent Centre for Privacy Protection
Procedure of the Privacy Protection Audit in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius8
Privacy Protection Audit and IT Security Problems in Germany
Awarding with the Audit Seal
First Experience
Procedure of the Privacy Protection Audit in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius9
Privacy Protection Audit and IT Security Problems in Germany
Legal Regulation: § 4 par. 2 Priv.Prot.Act
Further Steps
July 01, 2000: Enactment of the Priv.Prot.Act April 04, 2001: Quality Seal Decree by the State
Government Nov 05, 2001: Beginning of the Expert Accreditation
Procedure Feb 01, 2002: Publication of the Product Criteria Feb 01, 2002: Accreditation of the first Experts
IT Seal of Quality in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius10
Privacy Protection Audit and IT Security Problems in Germany
Product to be certified
Conclusion of an Expert Agreement
Examination and Evaluation of the Product by the Expert
Expert Opinion
The Independent Center for Privacy Protection checks the Expert Opinion on conclusiveness and understandability
Course of the Quality Seal Procedure in Schleswig-Holstein
4th Conference on Information Society Infobalt, Vilnius11
Privacy Protection Audit and IT Security Problems in Germany
Awarding with the Mark of Quality
4th Conference on Information Society Infobalt, Vilnius12
Privacy Protection Audit and IT Security Problems in Germany
Competence and Expert Knowledge
Independence
Reliability
List of Experts:
http://www.datenschutzzentrum.de/guetesiegel/
Experts in the Schleswig-Holstein Seal of Quality Procedure
4th Conference on Information Society Infobalt, Vilnius13
Privacy Protection Audit and IT Security Problems in Germany
No violation of Privacy Protection Laws
Support of Privacy Protection and Data Security Aims by Means of technical Design
Possible organisational Backup Measures are described in an understandable Way and can be put into Action with appropriate Effort
Easily understandable Documentation
Altogether adequate to the User
Criteria for the Schleswig-Holstein Seal of Quality
4th Conference on Information Society Infobalt, Vilnius14
Privacy Protection Audit and IT Security Problems in Germany
Data Avoidance/Data Austerity
Guarantee for Data Security and Ability to Revision
Guarantee for the Rights of the involved citizen
Special Criteria for the Schleswig-Holstein Seal of Quality
4th Conference on Information Society Infobalt, Vilnius15
Privacy Protection Audit and IT Security Problems in Germany
Supported by the EU
Results Influence the Federal Legislation
International Congress 2003 in Kiel
The Schleswig-Holstein Seal of Quality Procedure
4th Conference on Information Society Infobalt, Vilnius16
Privacy Protection Audit and IT Security Problems in Germany
The Independent Centre for Privacy Protection
Where? Holstenstraße 98, 24103 KielTelephone? 0431/988-1205Telefax? 0431/988-1223E-Mail? [email protected]? www.datenschutzzentrum.de