The Privacy Engineer's Manifesto : : Getting from Policy to Code to QA to Value.

The Privacy Engineer's Manifesto : : Getting from Policy to Code to QA to Value.

Saved in:
Bibliographic Details
:
Dennedy, Michelle.
TeilnehmendeR:
Fox, Jonathan.
Finneran, Tom.
Place / Publishing House:Berkeley, CA : : Apress L. P.,, 2014.
©2014.
Year of Publication:2014
Edition:1st ed.
Language:English
Online Access:
Physical Description:1 online resource (386 pages)
Tags: Add Tag
No Tags, Be the first to tag this record!
id 5006422513
ctrlnum (MiAaPQ)5006422513
(Au-PeEL)EBL6422513
(OCoLC)1231606322
collection bib_alma
record_format marc
spelling Dennedy, Michelle.
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
1st ed.
Berkeley, CA : Apress L. P., 2014.
©2014.
1 online resource (386 pages)
text txt rdacontent
computer c rdamedia
online resource cr rdacarrier
Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process.
Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model.
Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application.
Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words.
Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index.
Description based on publisher supplied metadata and other sources.
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Electronic books.
Fox, Jonathan.
Finneran, Tom.
Print version: Dennedy, Michelle The Privacy Engineer's Manifesto Berkeley, CA : Apress L. P.,c2014 9781430263555
ProQuest (Firm)
https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513 Click to View
language English
format eBook
author Dennedy, Michelle.
spellingShingle Dennedy, Michelle.
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process.
Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model.
Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application.
Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words.
Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index.
author_facet Dennedy, Michelle.
Fox, Jonathan.
Finneran, Tom.
author_variant m d md
author2 Fox, Jonathan.
Finneran, Tom.
author2_variant j f jf
t f tf
author2_role TeilnehmendeR
TeilnehmendeR
author_sort Dennedy, Michelle.
title The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
title_sub Getting from Policy to Code to QA to Value.
title_full The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
title_fullStr The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
title_full_unstemmed The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
title_auth The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
title_new The Privacy Engineer's Manifesto :
title_sort the privacy engineer's manifesto : getting from policy to code to qa to value.
publisher Apress L. P.,
publishDate 2014
physical 1 online resource (386 pages)
edition 1st ed.
contents Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process.
Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model.
Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application.
Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words.
Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index.
isbn 9781430263562
9781430263555
callnumber-first Q - Science
callnumber-subject QA - Mathematics
callnumber-label QA76
callnumber-sort QA 276.9 A25
genre Electronic books.
genre_facet Electronic books.
url https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513
illustrated Not Illustrated
oclc_num 1231606322
work_keys_str_mv AT dennedymichelle theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue
AT foxjonathan theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue
AT finnerantom theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue
AT dennedymichelle privacyengineersmanifestogettingfrompolicytocodetoqatovalue
AT foxjonathan privacyengineersmanifestogettingfrompolicytocodetoqatovalue
AT finnerantom privacyengineersmanifestogettingfrompolicytocodetoqatovalue
status_str n
ids_txt_mv (MiAaPQ)5006422513
(Au-PeEL)EBL6422513
(OCoLC)1231606322
carrierType_str_mv cr
is_hierarchy_title The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value.
author2_original_writing_str_mv noLinkedField
noLinkedField
marc_error Info : MARC8 translation shorter than ISO-8859-1, choosing MARC8. --- [ 856 : z ]
_version_ 1792331057648893952
fullrecord <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>10762nam a22004453i 4500</leader><controlfield tag="001">5006422513</controlfield><controlfield tag="003">MiAaPQ</controlfield><controlfield tag="005">20240229073837.0</controlfield><controlfield tag="006">m o d | </controlfield><controlfield tag="007">cr cnu||||||||</controlfield><controlfield tag="008">240229s2014 xx o ||||0 eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781430263562</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781430263555</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)5006422513</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Au-PeEL)EBL6422513</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1231606322</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">MiAaPQ</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">MiAaPQ</subfield><subfield code="d">MiAaPQ</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Dennedy, Michelle.</subfield></datafield><datafield tag="245" ind1="1" ind2="4"><subfield code="a">The Privacy Engineer's Manifesto :</subfield><subfield code="b">Getting from Policy to Code to QA to Value.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1st ed.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Berkeley, CA :</subfield><subfield code="b">Apress L. P.,</subfield><subfield code="c">2014.</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2014.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (386 pages)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index.</subfield></datafield><datafield tag="588" ind1=" " ind2=" "><subfield code="a">Description based on publisher supplied metadata and other sources.</subfield></datafield><datafield tag="590" ind1=" " ind2=" "><subfield code="a">Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. </subfield></datafield><datafield tag="655" ind1=" " ind2="4"><subfield code="a">Electronic books.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Fox, Jonathan.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Finneran, Tom.</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Dennedy, Michelle</subfield><subfield code="t">The Privacy Engineer's Manifesto</subfield><subfield code="d">Berkeley, CA : Apress L. P.,c2014</subfield><subfield code="z">9781430263555</subfield></datafield><datafield tag="797" ind1="2" ind2=" "><subfield code="a">ProQuest (Firm)</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513</subfield><subfield code="z">Click to View</subfield></datafield></record></collection>

Similar Items