Ebook Contactless Smart Card Applications: Design Tool and Privacy Impact Assessment

Submitted by puput on Wed, 09/02/2009 - 01:31

Privacy protection is good business, providing a competitive edge for many organizations. It is also a legislated mandate in Canada and in a growing number of countries. The most effective and economical time to incorporate it into your applications and systems is during the design stage. These strategic choices are related not only to the personal information that resides on your advanced card platform, but throughout your system, wherever it appears. Your corporate privacy policies, procedures and reporting complete the integrity of privacy protection.

This document will take you through each stage, outlining what you need to do, as well as your options. It not only helps you systematically design privacy in, but also results in documentation that can be used for marketing and certification purposes.

As the public and private sectors strive to offer new products and services, increase customer satisfaction and balance privacy and security, advanced card technologies provide the platform. This design tool will help you use their privacy-enabling attributes.

Contents

Foreword
Executive Summary
Chapter 1: The Basics

    What is Privacy?
    Why is Privacy Important?
    Privacy and Identity Theft
    Identity Management and Form Factors
    Contactless Technology vs. Radio Frequency Identification (RFID)
    Switch Cards
    The Impact of Computer Technology on Privacy
    What is the Role of this Document?

Chapter 2: Privacy Protection Principles

    Accountability
    Recognition and Respect for Privacy
    Openness
    Purpose Specification
    Collection Limitations
    Notification
    Use
    Right of Access
    Right of Correction
    Accuracy
    Disclosure
    Retention and Disposal
    Security
    Aggregation
    Contractual Agreements
    Anonymity and Pseudonymity

Chapter 3: Privacy Assessment Checklist

    Description of the Proposed System Based on Advanced Cards
    Security of Multiple Sources of Information
    Description of the Personal Information to be Collected
    Purpose of the Collection
    How is the Notice of Collection Given and Informed Consent Obtained?
    Method of Collection
    Duration of the Collection of Personal Information
    Accuracy
    Method of Storage
    Key Personnel
    Description of Procedures for Access and Correction
    Procedures for Complaints and Appeals to Denial of Access or Correction
    Security
    Retention and Disposal

Chapter 4: Privacy and Your Application

    During the Design and Development of the Application
    Monitoring or Process Control System
    Rules for Multiple Application Systems
    Contactless Technology Considerations

Chapter 5: The Process of Implementing and Maintaining a Privacy-Protective System

    Protection of Privacy as a Corporate Strategy
    The Corporate Planning Phase
    Documenting the Privacy Protection Policies and Procedures Phase
    Maintaining the Privacy Protection Phase
    Evaluation Phase

Conclusion
Appendix A: CSA Model Code
Appendix B: Example Privacy Protection Assessment Checklist
Appendix C: Example Data Field Checklist
Appendix D: Evaluation Grid
Glossary
Bibliography
