
PRIVACY IN TECHNOLOGY

ONLINE TRAINING TRANSCRIPT


MODULE 2: THE ROLE OF THE TECHNOLOGY PROFESSIONAL IN PRIVACY

Introduction

More and more our physical lives are merging with our digital ones. Our world is increasingly reliant on
and held in an electronic format of some kind: as consumers, employees, students, patients, social media
users or web surfers. Often our personal information is collected even when we are not actively
participating. While more laws that aim to protect personal information are constantly emerging,
expectations around privacy often go beyond what the law allows or what a company may state in its
privacy notice. Privacy technologists are challenged with looking at their technology ecosystems through a
privacy lens and designing systems that protect and preserve personal information.

For an organization to establish a culture of trust and integrity, it must begin by setting forth a solid
foundation that carefully considers the needs and values of the individuals whose information it holds. The
policies an organization has in place and the processes by which it executes those policies should support
that foundation. Module 2 looks at the privacy components of an organization and the role of privacy
technologists within the technology ecosystem.

Fundamentals of privacy-related IT
Learning objective

• Summarize the fundamentals of privacy-related technology

Privacy notices

A privacy notice is an external instrument published by an organization’s IT team that informs consumers,
suppliers, business partners and individuals about the organization’s information privacy practices, values
and commitments. Organizations must determine when to present the notice and obtain users’ agreement,
for example, as soon as one enters the website, or prior to the collection of any personal information. Additionally, an
organization’s IT team can communicate these notices using different methods depending on the type of
information or services they are providing. Examples include requiring users to check a box indicating
agreement to the privacy notice before entering the site or purchasing a product, or simply posting a
conspicuous link to the privacy notice on the website. Prior to design, organizations must be aware of any
legal and industry requirements regarding privacy notices as well as consumers’ expectations of the
handling of their personal information.

Privacy policies

©2022, International Association of Privacy Professionals, Inc. (IAPP)


A privacy policy is different than a privacy notice. We have discussed that privacy notices are external
communications used to inform outside parties about an organization’s use of personal information. In
contrast, privacy policies are internal statements designed to communicate best privacy practices and
what information handling guidelines to follow, and when, for those within an organization. Policies
address privacy and security, data management and data loss prevention. Privacy policies should be
documented, easily accessible, and kept up-to-date, and all employees should be familiar with them. It is
also important that these policies are endorsed and enforced by management and executives of the
company. Designing internal policies is an integral part of preventing the loss or misuse of sensitive data.

Security policies

Adequate privacy protection of personal information is contingent on the quality of an internal security
policy. A well-functioning internal security policy prevents unauthorized or unnecessary access to
corporate data or resources—including intellectual property, financial data and personal information.
Physical security measures, such as locks, safes, cameras and fences, offer further protections from both
internal and external threats. Organizations should consider going beyond their minimal requirements for
security, as consumer expectations dictate. Well-managed processes raise customer satisfaction and build
consumer trust. Technical controls that secure company data will be discussed in greater depth in module
4.

Examine the ways in which measures are put in place to secure data.

Data classification policies: Policies need to be established and enforced for both granting and
revoking access to assets and information according to their classification. Employees that handle
sensitive data should have their own user accounts that are secured by authentication
mechanisms. These accounts should only be used to perform the user’s specific job functions.

Data schema: A data schema is used to separate customer information. It formulates all the
constraints to be applied to the data and defines its entities and the relationships among them. Access
to database schemas is restricted to those who need to see the information. For example,
purchase history can be separated from personal information. Access to personal information may
require a specific customer ID.

Data retention: Laws and regulations may require data to be stored for a specific amount of time.
Establish data retention schedules early in the system development life cycle. Backup storage
devices must also be considered. Remove data on a periodic basis when older data is no longer of
use toward a business’s objectives.

Data deletion: When data is no longer needed, remove data and any derivatives from the system,
ensuring that recovery methods are also removed.
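As an added example (not part of the IAPP transcript), the following Python sketch shows the schema separation, classification-based access and retention/deletion controls described above on an in-memory SQLite database; the table names, roles, retention period and sample records are all constructed for the example.

```python
"""Added illustration of the data controls above (constructed example, not IAPP code):
two tables separated by classification, role-based access checks, a retention sweep
and a deletion routine that also removes derivatives of a customer's record."""
import sqlite3
from datetime import date, timedelta

# Classification of each table (constructed). Personal information is confidential;
# purchase history without identifying details is internal use.
CLASSIFICATION = {
    "customer_pii": "confidential",
    "purchase_history": "internal",
}

# Least-privilege mapping from job role to the classifications it may read (constructed).
ROLE_CLEARANCE = {
    "support_agent": {"internal"},
    "privacy_officer": {"internal", "confidential"},
}

# Retention schedule: table -> (date column, days to keep). Constructed values.
RETENTION = {
    "purchase_history": ("purchased_on", 730),
}


def authorize(role, table):
    """Grant access only if the role is cleared for the table's classification."""
    return CLASSIFICATION.get(table) in ROLE_CLEARANCE.get(role, set())


def build_db(today):
    """Create the separated schema and load constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customer_pii (customer_id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.execute(
        "CREATE TABLE purchase_history (id INTEGER PRIMARY KEY, customer_id INTEGER NOT NULL, "
        "item TEXT, purchased_on TEXT)"
    )
    conn.executemany(
        "INSERT INTO customer_pii VALUES (?, ?, ?)",
        [(1, "Ada Example", "ada@example.invalid"), (2, "Bob Example", "bob@example.invalid")],
    )
    old = (today - timedelta(days=800)).isoformat()     # beyond the retention window
    recent = (today - timedelta(days=30)).isoformat()   # within the retention window
    conn.executemany(
        "INSERT INTO purchase_history (customer_id, item, purchased_on) VALUES (?, ?, ?)",
        [(1, "book", old), (1, "lamp", recent), (2, "chair", recent)],
    )
    conn.commit()
    return conn


def read_table(conn, role, table, customer_id):
    """Read one customer's rows from a table, enforcing the classification check first.
    The table name is only ever taken from CLASSIFICATION's keys, so it is safe to
    interpolate; the customer ID is bound as a parameter."""
    if table not in CLASSIFICATION:
        raise ValueError(f"unknown table {table!r}")
    if not authorize(role, table):
        raise PermissionError(f"{role} is not cleared for {CLASSIFICATION[table]} data")
    return conn.execute(
        f"SELECT * FROM {table} WHERE customer_id = ?", (customer_id,)
    ).fetchall()


def apply_retention(conn, today):
    """Delete rows older than their table's retention period; return the count removed.
    A real deployment would run the same sweep against backup media as well."""
    removed = 0
    for table, (date_col, days) in RETENTION.items():
        cutoff = (today - timedelta(days=days)).isoformat()
        cur = conn.execute(f"DELETE FROM {table} WHERE {date_col} < ?", (cutoff,))
        removed += cur.rowcount
    conn.commit()
    return removed


def delete_customer(conn, customer_id):
    """Data deletion: remove the personal record and its derivatives (purchase rows
    keyed to the same customer_id); return the number of rows removed."""
    n = conn.execute("DELETE FROM purchase_history WHERE customer_id = ?", (customer_id,)).rowcount
    n += conn.execute("DELETE FROM customer_pii WHERE customer_id = ?", (customer_id,)).rowcount
    conn.commit()
    return n


if __name__ == "__main__":
    db = build_db(date(2024, 1, 1))
    print("support agent may read PII:", authorize("support_agent", "customer_pii"))
    print("rows expired by retention:", apply_retention(db, date(2024, 1, 1)))
    print("rows removed for customer 1:", delete_customer(db, 1))
```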

Data inventories (1)

Keeping an inventory of data, helps to protect privacy adequately. This means knowing what data is
collected, how it is handled, where it is stored, and how it is classified. Knowledge of data and its
characteristics is a key part of the privacy technologist’s job. Data should be regularly monitored and
inventoried, and device upgrades and updates should also be performed as necessary. This includes
software updates, security patches or even replacing obsolete technology.

Data inventories (2)

Analyzing and interpreting data so that it can be classified and organized into information categories is an
essential step. Common categories take the form of information assets, physical assets and intellectual
property. Assets are then classified as confidential, internal use or public. Classifying and categorizing data
enables an organization to properly manage and protect the assets in its possession. It can then assign
owners to specific classifications of assets. Brief definitions follow.



Types of assets

Information assets: Customer and employee data as well as backup copies of data stored
either on-site or off-site

Physical assets: Servers, workstations, laptops, portable storage devices, backup media,
paper files

Intellectual property: Software code, trade secrets, brand

Asset classifications

Confidential: Information that should remain secure and private: customer information,
employee Social Security numbers, payment account information

Internal use: Business information intended for internal use only: company contact
directories, business plans, sales forecasts, proprietary software codes

Public: Information that can be safely shared with the public: physical address, marketing
materials, customer service information

Contracts and agreements

When collected data is shared with third-party vendors, it should be handled in accordance with the
commitments made to the data subject and data owner regardless of where their personal information is
located or how it is used. Third-party contracts should be detailed with clear expectations of how data is to
be managed while in their possession as well as the roles and responsibilities of vendors. Often
organizations have obligations to specific compliance regulations that must be included in third-party
contracts. For example, under the GDPR there is a specific set of guidelines that must be adhered to
when issuing third-party contracts. It should also be made clear that the organization can perform audits
on third-party vendors to ensure compliance. Penalties for breach of contract by a third-party vendor or
contractor should sufficiently compensate the organization for any negative repercussions that a breach
would cause.

Risk analysis can assess the vulnerabilities of personal information that is in the hands of third parties and
can inform privacy technologists on what actions need to be performed in an effort to mitigate these
vulnerabilities and threats. Examples of such controls include separating collected data according to who is
processing it, using data schemas, and requiring acceptance of enforcement policies when data is collected
in the cloud.

Privacy impact assessments (PIAs)

A privacy impact assessment (PIA) is an analysis of how personal information is handled throughout the
data life cycle within an organization. A PIA ensures that organizations apply legal, regulatory and policy
requirements regarding privacy, assesses privacy risks, and recommends methods of risk mitigation. A
significant goal of performing a PIA is to compel an organization to think about the choices it makes for its
processes and how those choices will impact privacy. Privacy technologists can utilize the findings of a PIA
to determine whether privacy risk is appropriately addressed using the privacy policies and procedures.

Data protection impact assessments (DPIAs)

Similarly, a data protection impact assessment (DPIA) is a structured approach to understanding and
mitigating potential risks to individuals’ data you process. DPIAs are a requirement under certain privacy
regulations and should be implemented prior to a new processing operation being put into effect.

For example:



A PIA is used to identify the legal, regulatory and policy requirements that apply to a system’s processing
and to identify necessary mitigation, while a DPIA is used to determine how the information covered by a
PIA is protected and to identify any necessary mitigation.

In the EU, the term DPIA has specific legal provisions as set out in the GDPR, although it is sometimes
used synonymously with PIA.

More resources on the different forms of privacy impact assessments are available at
https://iapp.org/resources/topics/privacy-impact-assessment-2/#featured-resources.

Perspectives: What are the best examples of preparedness?

Liisa Thomas, Partner and Lead, Privacy and Cybersecurity Team, Sheppard Mullin

So, what are the best examples of preparedness? Teams that work well together is a phenomenal example
of preparedness and that’s something that people could do and be prepared for just in their daily work
worlds. But actual, “OK, we’re going to sit down and we’re going to get ready for a data breach”? The
thing other than teamwork that I’ve seen that really makes a difference during an incident—and teamwork
takes the top, but after teamwork, I would say knowing what information you have and where it’s at. That
is a massive, massive undertaking; don’t let anybody tell you differently. Working through and
understanding what information you have, where it sits—that’s huge and can make a really big difference
during an incident.

And going along with that, when we say, “Knowing what information you have and where you have it,” it’s
not just saying, “In System X, we maintain Social Security numbers.” It’s, “What Social Security numbers
do we have in System X? Whose Social Security numbers do we have?”

And a recent situation I worked on, one of the things the team had done that was such a lifesaver was
they had the contact information for the impacted individuals. Now, obviously, you’re going to want to
work with legal counsel to decide, “Do we want to collect more information than we need in order to fulfill
the purposes for which we collected the information?” Data minimization is a huge way to prepare. You
have less information, so you have less to be breached. But if you are in a situation where you had to
have that information, and it was breached and you’ve got impacted individuals, knowing that you can
contact them because you have their contact information can be really helpful.

That particular situation that I’m thinking of—it was a situation where we needed to have the impacted
individuals’ contact information. You may find yourself in a different situation and then this wouldn’t be
applicable and that’s fine. And I think that’s actually a big takeaway for all data breach, incidents,
management, preparedness is: each situation is unique, and you need to not worry if the way you are
approaching this doesn’t exactly match something that you’re reading. So, there may be some materials—
here’s a guidebook, here’s a guidance—those are great. But know that the situation you are going through
is unique to your company, it’s unique to the people at your company, and it’s unique to the fact pattern.
So, the way that you go through that should similarly be unique. So, that, knowing that may also be a
really great way to prepare.

Summary

• An organization’s privacy notice details information about that organization’s privacy practices,
values and commitments and is externally facing.
• In contrast, privacy policies are internal statements used for communicating best privacy practices
and addressing privacy and security, data management and data loss prevention.
• A well-functioning internal security policy prevents unauthorized or unnecessary access to
corporate data or resources—including intellectual property, financial data and personal
information.



• Data inventories allow organizations to track what data is collected, how it is handled, where it is
stored and how it is classified.
• Classifying and categorizing data enables an organization to properly manage and protect the
assets in its possession such as, information assets (e.g., customer and employee data), physical
assets (e.g., workstations, laptops, etc.) and intellectual property (software code, trade secrets).
• Asset classifications include confidential (should remain secure and private), internal use (intended
for use within the organization only) and public (can be safely shared externally).
• When collected data is shared with third-party vendors, it should be handled according to the
commitments made to the data subject and data owner regardless of where their personal
information is located or how it is used. Third-party contracts should be detailed with clear
expectations of how data is to be managed.
• A privacy impact assessment (PIA) is an analysis of how personal information is handled during an
organization’s data life cycle and ensures organizations apply legal, regulatory and policy
requirements regarding privacy. A PIA also assesses privacy risks and recommends methods of risk
mitigation.
• A data protection impact assessment (DPIA) is a structured approach to mitigating risks and is
required under certain privacy regulations.

Review

1. Which of the following is something a privacy impact assessment (PIA) does not accomplish?

Ensures organizations apply legal, regulatory and policy requirements regarding privacy
Assesses privacy risks
Recommends methods of risk mitigation
Implements controls on data collection

The privacy responsibilities of the technology professional


Learning objective

• Understand what roles and responsibilities technology professionals hold when dealing with privacy

Privacy responsibilities

Data management begins with the business model and value stream. Most privacy-related solutions are
hardcoded to the business process, including data models. The technology process is a tool to support the
process and support the privacy objectives within the organization and the technology ecosystem. When
the technology professional is brought into the conversation around the privacy objectives of the
organization, they are better able to assist the organization in meeting those values and goals and taking
steps to forecast and mitigate risk. Privacy technologists ensure that computers, networks, applications,
websites, databases and security are maintained to protect data privacy according to company policy,
regulatory requirements and industry standards. Privacy technologists create a common understanding of
privacy needs and values concerning privacy. They make sense of the privacy issues through the controls
put in place throughout the design.

Evolving technology

Technology is always evolving, and privacy laws evolve as well. Along with laws that are already in
place and have been for decades, new laws continue to emerge. While laws and technology both continue
to evolve, change and emerge, technology progresses at a much more rapid pace than laws. How then do
privacy technologists design programs that are both flexible and innovative?

Contractual and regulatory requirements



Privacy technologists should work closely with the organization’s legal team. This will help to identify the
core requirements of various privacy laws and any potential risks that may impact the objectives and
obligations of an organization. Not all obligations of an organization’s policy require a technical aspect, but
knowing the key objectives affords a level of flexibility necessary for defining a governance program. It
allows for privacy governance and technology solutions to evolve, for example, automating processes that
were once manual. This strengthens the privacy policy of an organization and makes it more effective.
Consider the following example. Comparing the objectives of different laws, an objective can be designed
to meet both requirements. Privacy technologists can in turn orchestrate controls which support it.

Providing feedback: policies

As more privacy laws come into effect, evaluating privacy within an organization becomes clearer and
more measurable. Assessing the effectiveness of a privacy policy begins with the structure of the
compliance program, as it establishes the key objectives and associated internal controls to evaluate the
health of the overall program. This in turn can evaluate how controls are enforced since organizations
have a better understanding of where personal data is, and how and when it is used. This understanding
leads to improvements in privacy governance, allowing for a more tangible risk evaluation and sufficient
technological solutions to safeguard against privacy harms.

Common compliance terminology engages privacy technologists and other stakeholders, and is valuable in
creating a governance program and implementing the necessary privacy policies of any organization,
particularly with differing privacy standards and regulations among jurisdictions. Examples of common
terms include reasonable assurance. This implies that requirements and objectives are not absolute and
are based on criteria that are practical to implement and manage. They are flexible and continuously
monitored. Internal controls are objectives, tied to practical measurements, that are designed to evaluate
privacy program components. There are two types of internal controls: preventative, which stops an
activity, and detective, which identifies problematic activity. Overlapping safeguards is another common
term and is key to improving resiliency of compliance and assures measurability.

Together, these elements of compliance create structure that enables a clear and measurable framework
which can be translated across varying elements of a privacy program. Building on the example from the
previous slide, controls can be implemented to address both privacy and security.
Privacy controls determine who the authorized personnel for data access are by looking at the type of
personal information collected, its sensitivity and authorized users.

Information governance I

Security and privacy are intertwined, yet each has a different role with respect to technology. A security
professional has the technical knowledge of administration, and an understanding of risk management
practices that may allow them to integrate privacy into a technology system. Security is about protecting
data against unauthorized access and malicious action, where privacy is about enforcing the appropriate
use of that data within a secure environment. It addresses all ways that data is handled, including
collection, use, sharing, maintenance and retention. Privacy professionals also address risk management.
Security and privacy both rely on similar controls and technological capabilities.

Technology frameworks such as ITIL (Information Technology Infrastructure Library), ISO 27000 and
COBIT (Control Objectives for Information and Related Technologies) provide service, process and
program management to an organization’s technology environment. Because the information
organizations collect is stored within technology systems, it is important that they can demonstrate
compliance with any laws or regulations that govern them.

Brief overviews of what each framework provides for an organization follow.

ITIL: Governed and owned by AXELOS. Provides an overall measurable view of a technology
system, service and functionality. ITIL reports on services provided by technology systems and
helps organizations use technology to support change and growth. It has a limited view of risk
management.

COBIT: A more comprehensive program that helps with management of a technology system that
allows for technology governance. Technology governance focuses on systems and applications and
supports personnel who manage data within a company.

Information governance II

When privacy and technology work together to meet industry standards, organizations can establish a
common language of privacy controls and remain transparent. This is particularly critical when dealing
with international standards. Using common and accessible terms without compromising confidentiality
builds trust between organizations and stakeholders and is measurable against legal frameworks and
privacy standards. Privacy determines who is authorized to access the personal information, while security
implements the controls to that access. Review the example to see how privacy and security work
together to meet industry standards.

Information governance III

Implementing an effective privacy governance program depends on the choreography of all stakeholders
involved in processing personal data. A successful data privacy program depends on technical solutions to
ensure that data processing meets legal requirements. Information security plays a significant role in
controlling access to personal data. When internal groups work in concert to leverage skills, a strong
ability to protect personal data within existing controls results. Compliance helps in defining the controls,
both overlapping preventative and detective controls to further assure that legal and policy requirements
are being met. All of these elements come together to support effectual information governance within an
organization.

Organizations need to take into account existing and developing privacy and security threats when
identifying which technical approaches to implement. It is highly advantageous for organizations to move
to a more risk-based program and not focus solely on compliance.

Summary

• Privacy technologists ensure systems are maintained to protect data privacy and create a common
understanding of privacy needs and values concerning privacy.
• By working closely with an organization’s legal team, privacy technologists can more readily
identify the core requirements of various privacy laws and any potential risks that may impact the
objectives and obligations of an organization.
• Assessing the effectiveness of a privacy policy begins with the structure of the compliance
program, as that program establishes the key objectives and associated internal controls to
evaluate the health of the overall program.
• Common compliance terminology engages privacy technologists and other stakeholders and is
valuable in creating a privacy governance program and implementing the necessary privacy policies
of any organization.
• Security and privacy are intertwined. Security is about protecting data against unauthorized access
and malicious action, where privacy is about enforcing the appropriate use of the data within a
secure environment.
• Using common and accessible terms without compromising confidentiality builds trust between
organizations and stakeholders and is measurable against legal frameworks and privacy standards.
• A successful privacy program depends on technical solutions to ensure that data processing meets
legal requirements.

Review



1. Which of the following is not a privacy responsibility of a technology professional?

Ensuring compliance
Systems and process maintenance
Risk mitigation
Customer support

Information security
Learning objective

• Explain the role of information security in protecting privacy

Information security and privacy

The worlds of security and privacy frequently intersect. Security provides privacy an avenue through which
meaningful IT solutions can be developed to safeguard privacy. Similarly, security benefits from privacy,
supporting security solutions and processes with privacy legal requirements, and, in consequence,
reinforcing the mutual value of integrated privacy and security governance.

Transactions for confidential data

The comprehensive overall organization design of a system, also known as the enterprise architecture, is
designed to support the objectives of an organization. It recognizes that there is a relationship between all
elements of a system. This includes servers, data elements, process models and data flow, which describe
the order of operations and data exchanges, as well as the business processes of the organization.

Privacy of information must be considered within both the front and back ends of a technological
architecture, particularly when confidential information is collected for later use. Privacy is affected by
both viewpoints in different ways. Privacy technologists must ensure that the front end is useable and
notifies the user about the company’s privacy practices, while maintaining that the back-end design
applies the privacy principles of the stored information pertaining to what data is collected, how it is used,
shared and retained. Privacy technologists may consider using different architectures to achieve this
balance of privacy between the two ends.

Examples of architectures that allow for this balance and enable reuse of confidential information
follow.

Client-server architecture: With a client-server architecture, the client refers to a program that
runs on a local computer, while the server is a program that runs on a remote computer. This
architecture allows storing data on the client side for the purpose of completing a transaction. The
server side includes back-end services that respond to the client’s requests, and mechanisms can
be designed to track client behavior across multiple HTTP requests. It does not maintain shared
data between the client and server. This type of architecture assumes that the client data is secure,
and the storage and surveillance of the data is clear to the user. Otherwise, it poses a privacy
threat.

Service-oriented architecture: Service-oriented architecture is similar to client-server
architecture in that it decouples services from the large-scale servers. It allows designers to
replicate services across multiple machines.



Plug-in-based architecture: Plug-in-based architecture extends a user’s experience with a
website via the use of an app platform. Apps may have the ability to interact with a user and their
data, including location or contact information. Privacy technologists must ensure that privacy
notices are clear to prevent misuse of information.

Breach and incident response

Regardless of how secure an organization is, how detailed its privacy notices and policies are, or how well
its staff are trained, data breaches and other privacy incidents may still occur. Incidents do not always
result in data breaches, however. An incident is any event that can affect the confidentiality, integrity or
availability of the data. When personally identifiable information is involved, then it is a privacy incident;
examples include unauthorized disclosure, sharing or sale of data without consent, denial of service
attacks, malware infection, hacking attempts, data exfiltration, lost or stolen devices, and misdirected
emails. Some types of incidents are security incidents, some are privacy incidents, and some are both. It
should also be noted that not all data incidents are personal data incidents. Proprietary or confidential
data breaches are separate from a personal data breach. While many of the response actions are the
same, different legal standards may apply. Data breaches are caused when the resulting incident has
exposed the data to an unauthorized third party. Privacy technologists should understand the impact of
privacy events upon data subjects and an organization’s handling of data subjects’ personal information
and use that as input for identifying appropriate privacy technical measures.

Developing an incident response team along with having a breach or incident response plan in place
before an incident occurs is one more action an organization can take to be adequately prepared. The
elements of an effective incident response plan follow.

Discovery: Actively monitoring system activity or suspicious changes to system activity is
essential in detecting an incident that could lead to a breach. Monitoring activity on a system could
detect tampering before any data is stolen. Users are also another line of defense in the detection
of privacy incidents or data breaches, by reporting suspicious activity.

Containment: A response plan should contain guidance on how to terminate an ongoing incident
while preserving any evidence of the affected data and origin of the incident. Containment is key to
stopping the threat before more damage is done. Do not wipe system logs. Remove affected systems
from the network and preserve them. Fully document your investigation and include timestamps
while working through an investigation. Finally, a predetermined contingency plan should be
executed that allows the organization to continue functioning at some capacity while data or
resources are locked down during a privacy incident investigation.

Analyze and notify: For data breaches and other types of privacy incidents, notification laws vary
among jurisdictions. To be prepared, an organization should know what their notification
obligations are in such an event. Once a privacy incident or a breach has been detected and
determined, legal counsel should be involved to advise the response team regarding all legal
matters, including notification—to law enforcement, individuals and/or the public.

Some organizations contract with a vendor to provide consumer breach notification services as
they are up-to-date on laws surrounding breaches and can provide additional resources as needed.

Repercussions: Fines, lawsuits and nonmonetary repercussions often follow privacy incidents or
breaches. For example, media coverage of the incident may adversely affect an organization’s
reputation, resulting in decreased business and loss of consumer trust. As part of the incident
response team, a security analyst would handle an incident from start to finish including reporting
to senior management. A privacy technologist would act as a subject matter expert to help
diagnose the incident, mitigate the issue and provide information to the security analyst.

©2022, International Association of Privacy Professionals, Inc. (IAPP)


Prevention: Privacy incidents can be used as a learning tool to address holes in security and
privacy procedures, review privacy policies to identify weaknesses and train employees as needed.

Third parties: Personal information in the hands of a third party still falls under the responsibility
of the organization in the event of a breach. The organization's arrangement with the vendor should
therefore include provisions that describe the expectations and obligations of the vendor should an
incident occur.

Security and privacy in the systems development life cycle

Keeping systems and data secure and meeting privacy goals and needs are large tasks to be accomplished
throughout the life cycle of a system. Depending on the framework, these tasks are broken into phases.
Next we will look at a model of a systems development life cycle (SDLC) using the NICE framework,
which divides security and privacy work into four categories: (1) Securely provision; (2) Operate and
maintain; (3) Protect and defend; and (4) Investigate.

(1) Securely provision

This phase encompasses the tasks focused on software development. To accomplish this, privacy
technologists will want to utilize a system development plan to ensure that all phases take place. Select
the button to review the phases of systems development.

Planning: Ensures that all security and regulatory and legal privacy requirements are considered.

Design: Chooses the architecture design of the system based on the technology required to meet
security and privacy mandates.

Technology research and development: Explores alternatives if existing solutions do not meet
those needs.

Testing and evaluation: Ensures that each component of a system meets its requirements.

Risk management: Identifies, documents and manages any risks related to the software quality,
compliance with regulations, or security and privacy issues that present themselves within the
system.

(2) Operate and maintain

Ensuring that the system is installed and configured correctly, both initially and throughout its use, is
necessary to meet security and privacy goals. Customer service and technical support are employed to
further strengthen the security and privacy measures a system already has in place. Operation and
maintenance also encompass data administration, which manages the large volumes of sensitive data
that may be housed within a system, including analysis of an organization's interoperation and
management of the processes and tools used to keep track of systems and their operations.

(3) Protect and defend

Actively protecting the system via vulnerability assessments and management tools addresses potential
threats and vulnerabilities to a system. Cyber defense infrastructure support also protects these
frameworks and may include firewalls and system monitoring, as well as having incident response
plans in place.

(4) Investigate

In the event of a system compromise through an attack, a complete investigation is necessary. This allows
for the discovery of any specific data that was compromised and the method of compromise, and it may
identify who perpetrated the attack.

Summary

• Information security and privacy intersect, forming a bond that is mutually beneficial.


• The comprehensive overall organizational design of a system, also known as the enterprise
architecture, is designed to support the objectives of an organization and recognizes that there is a
relationship between all elements of a system. Privacy technologists may use different
architectures to ensure this relationship is present.
• With a client-server architecture, the client refers to a program that runs on a local computer, while
the server is a program that runs on a remote computer. This allows storing data on the client side
for the purpose of completing a transaction.
• Service-oriented architecture decouples services from the large-scale servers. It allows designers
to replicate services across multiple machines.
• Plug-in based architecture extends a user’s experience with a website via the use of an app
platform, usually owned by a third party.
• Regardless of how secure an organization is, how detailed its privacy notices and policies are, or
how well its staff are trained, data breaches and other privacy incidents may still occur.
• An incident is any event that affects the confidentiality, integrity or availability of data, and data
breaches occur when the resulting incident exposes data to an unauthorized third party.
• Developing an incident response team along with having a breach or incident response plan in
place before an incident occurs is one more action an organization can take to be adequately
prepared.
• Elements of an effective incident response plan include: discovery (actively monitoring to detect
incidents before they occur); containment (stopping the threat before damage is done); analyze
and notify (notifying those affected by an incident in the appropriate manner); repercussions (any
fines, lawsuits or nonmonetary results from an incident); prevention (addressing holes in security
and privacy procedures to negate future incidents); and third parties (how to account and plan for
incident effects outside the main organization).
• Keeping systems and data secure as well as meeting privacy goals and needs are large tasks to be
accomplished throughout the life cycle of a system. Depending on the framework, these tasks are
broken into phases.

Review

1. What term refers to the overall organizational design of a system and recognizes the relationship
between all elements of that system?

Enterprise architecture
Plug-in architecture
Client-based architecture
Service-oriented architecture

Review answers

Fundamentals of privacy-related IT
1. Implements controls on data collection
The privacy responsibilities of the technology professional
1. Customer support
Information security
1. Enterprise architecture

*Quiz questions are intended to help reinforce key topics covered in the module. They are not meant to
represent actual certification exam questions.
