The Privacy Engineer's Manifesto : : Getting from Policy to Code to QA to Value.
Saved in:
| : | |
|---|---|
| TeilnehmendeR: | |
| Place / Publishing House: | Berkeley, CA : : Apress L. P.,, 2014. ©2014. |
| Year of Publication: | 2014 |
| Edition: | 1st ed. |
| Language: | English |
| Online Access: | |
| Physical Description: | 1 online resource (386 pages) |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| LEADER | 10762nam a22004453i 4500 | ||
|---|---|---|---|
| 001 | 5006422513 | ||
| 003 | MiAaPQ | ||
| 005 | 20240229073837.0 | ||
| 006 | m o d | | ||
| 007 | cr cnu|||||||| | ||
| 008 | 240229s2014 xx o ||||0 eng d | ||
| 020 | |a 9781430263562 |q (electronic bk.) | ||
| 020 | |z 9781430263555 | ||
| 035 | |a (MiAaPQ)5006422513 | ||
| 035 | |a (Au-PeEL)EBL6422513 | ||
| 035 | |a (OCoLC)1231606322 | ||
| 040 | |a MiAaPQ |b eng |e rda |e pn |c MiAaPQ |d MiAaPQ | ||
| 050 | 4 | |a QA76.9.A25 | |
| 100 | 1 | |a Dennedy, Michelle. | |
| 245 | 1 | 4 | |a The Privacy Engineer's Manifesto : |b Getting from Policy to Code to QA to Value. |
| 250 | |a 1st ed. | ||
| 264 | 1 | |a Berkeley, CA : |b Apress L. P., |c 2014. | |
| 264 | 4 | |c ©2014. | |
| 300 | |a 1 online resource (386 pages) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 505 | 0 | |a Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process. | |
| 505 | 8 | |a Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model. | |
| 505 | 8 | |a Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application. | |
| 505 | 8 | |a Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words. | |
| 505 | 8 | |a Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index. | |
| 588 | |a Description based on publisher supplied metadata and other sources. | ||
| 590 | |a Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. | ||
| 655 | 4 | |a Electronic books. | |
| 700 | 1 | |a Fox, Jonathan. | |
| 700 | 1 | |a Finneran, Tom. | |
| 776 | 0 | 8 | |i Print version: |a Dennedy, Michelle |t The Privacy Engineer's Manifesto |d Berkeley, CA : Apress L. P.,c2014 |z 9781430263555 |
| 797 | 2 | |a ProQuest (Firm) | |
| 856 | 4 | 0 | |u https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513 |z Click to View |