[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Follow up...the Privacy Management Relationship Model and Methodology (PMRM) and Privacy Engineering
Peter Brown (IAPP/CIPT, Member of the Institute of Directors)
Owner, Peter F Brown Consulting bvba, Belgium
Hi Gail,
Did you have a chance to take a look at this at your meeting?
Cheers,
Sam
Sam Pfeifle | Publications DirectorIAPP - International Association of Privacy Professionals
From: Gail Magnuson <gail.magnuson@gmail.com>
Sent: Wednesday, November 2, 2016 4:11 PM
To: Sam Pfeifle
Cc: Jedidiah Bracy; John Sabo; Emily Leach
Subject: Re: Follow up...the Privacy Management Relationship Model and Methodology (PMRM) and Privacy EngineeringSam,
This sounds perfect. We meet on November 8th and will provide you a name then.
Best, Gail
On Wed, Nov 2, 2016 at 2:41 PM, Sam Pfeifle <spfeifle@iapp.org> wrote:
Great! Sounds like we're all working toward the same idea.
For our RSA presentation, I'd be looking for one person from your team to present the findings of that "detailed overview" in a 45-minute (or so) presentation to about 400 attendees. Something along the lines of:
Engineering privacy: A primer
As privacy moves from policy and law to operations and execution, many privacy professionals are beginning to focus on the "how" of privacy within their organizations. What are the controls, frameworks, checks and balances that can be applied to make sure your operation is performing at intended and that the correct questions are asked, and action taken, at the appropriate inflection points? Further, many organizations - from NIST to ISACA to IEEE to OASIS and more - are beginning to offer up standards, frameworks, and tools from which privacy pros can pick, choose, and steal. In this session, we'll provide an overview of what's emerging, where they seem to align, and where you might have to make some hard decisions for your organization.
Do you guys have the right person for that? Does it sound like an interesting opportunity? The RSA event is Feb 13, 2017, so we've got a little bit of time, but I'm trying to lock down a speaker by Nov. 10 or so. That gets everything onto the web site for program launch.
Cheers,
Sam
Sam Pfeifle | Publications DirectorIAPP - International Association of Privacy Professionals
From: Gail Magnuson <gail.magnuson@gmail.com>
Sent: Wednesday, November 2, 2016 12:37 PM
To: Sam Pfeifle
Cc: Jedidiah Bracy; John Sabo; Emily Leach
Subject: Re: Follow up...the Privacy Management Relationship Model and Methodology (PMRM) and Privacy EngineeringHi Sam,
Thank you for reaching out to us on this matter:
- A Tech Blog or an article about the various privacy engineering models, methodologies and tools. Such a blog or an article(s) might include an overview along with specific information about a specific privacy engineering model, methodology and tool
We are currently working on two materials: a summary blog and a more detailed overview of what is currently in play in the various categories (principles, policy, frameworks/models, methodologies, tools, mechanisms and deliverables.
We certainly can meet these requirements. I believe that it is essential that we work collaborate with those producing "standards" with those that are building "tools".
We will be sending the PMRM blog to Jedidiah within the week. This blog naturally required the consensus amongst the Oasis team. These next to materials will be easier to complete, as they are an amalgamation of many sources and are not intended to focus on a specific model, framework, methodology, tool, mechanism, et.al. but to demonstrate the landscape for privacy engineering and privacy by design.
Please let John and I know what we can do to support your efforts.
Best, Gail
On Wed, Oct 26, 2016 at 4:33 PM, Sam Pfeifle <spfeifle@iapp.org> wrote:
Hi Gail,
I'm checking in how how things are going with the privacy engineering framework articles.
Specifically, I've got an opportunity to have someone give a presentation at RSA giving an overview of the various frameworks, much as we outlined in #3, below. Ideal would be to have that article launch about a month before RSA in February and then have someone speak to it at the event as part of our privacy half-day precon.
Any interest/suggestions? Are we still working toward the below? Sorry if the ball was dropped on my end at some point.
Cheers,
Sam
Sam Pfeifle | Publications DirectorIAPP - International Association of Privacy Professionals
From: Gail Magnuson <gail.magnuson@gmail.com>
Sent: Wednesday, June 29, 2016 3:30 PM
To: Sam Pfeifle
Cc: Jedidiah Bracy; John Sabo; Emily Leach
Subject: Re: Follow up...the Privacy Management Relationship Model and Methodology (PMRM) and Privacy EngineeringSam,
I will connect with Emily and John and I will reach out to the individuals that we are working with in OASIS and ISO to further discussion regarding the discipline of Privacy Engineering. While, in addition to the PMRM as a model and methodology, there are other frameworks and methodologies that are in play.
Collectively the "privacy industry" has come a long way in implementing privacy policies and now is beginning to demonstrate accountability.
I suspect that we have not yet been able to demonstrate a path from law/policies to privacy controls and on to services/functionalities and into implemented mechanisms.....and to be able to reverse engineer for a data protection authority that the mechanisms employed meet the laws/mechanisms.
Needless to say this is an aspirational goal, however there are works in progress that are comparing, contrasting and integrating frameworks, methodologies and tools to begin to do so.
John and I will work to pull together information about #3.
Best to you and Emily, I look forward to speaking with you.
Gail
Gail Magnuson, LLC
On Wed, Jun 29, 2016 at 2:18 PM, Sam Pfeifle <spfeifle@iapp.org> wrote:
Hi Gail,
I'm just adding Emily Leach to this thread as well, as she is our Resource Center manager.
That compendium would be a great resource to have available to our members - perhaps as the anchor to a new page in our Resource Center focusing on privacy engineering. It's particularly apropos considering the GDPR's new privacy by design mandate.
I think #3 would probably best hit as an article that offered some thoughts on similarities and differences between the major privacy frameworks that are emerging, which then points to the compendium which lives in the RC indefinitely and which can be updated by our staff (or you) in perpetuity.
Sam
Sam Pfeifle | Publications DirectorIAPP - International Association of Privacy Professionals
From: Gail Magnuson <gail.magnuson@gmail.com>
Sent: Wednesday, June 29, 2016 12:12 PM
To: Jedidiah Bracy
Cc: Sam Pfeifle; Trevor Hughes; John Sabo
Subject: Follow up...the Privacy Management Relationship Model and Methodology (PMRM) and Privacy EngineeringHi Jed,
Thank you for the introductions to Naomi and Jason. My conversations with them are very informative and in concert with the OASIS PMRM work and those associated with ISO/IEC JTC1/SC27/WG5 we are focusing on the following:John Sabo will take the next step with our international OASIS group in writing the blog about the PMRM.
- A Tech Blog (700-900 words) written about the PMRM
- A Tech Blog (700-900 words) written about the OASIS PbD initiative when it is final
- A Tech Blog or an article about the various privacy engineering models, methodologies and tools. Such a blog or an article(s) might include an overview along with specific information about a specific privacy engineering model, methodology and tool
We also spoke about identifying/integrating the various standards works (ISO, IEEE, ISAC, W3W, et. al.) in process into these blogs and articles and ensuring that various global initiatives were included.
I am personally working on a compendium of privacy engineering frameworks, methodologies and tools. That might fit with #3 above.
Look forward to further communication from John or myself.
Best, Gail
--
Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Ponce Inlet, FLMailing Address4624 Harbour Village Boulevard #4406Ponce Inlet, FL 32127
--
Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Ponce Inlet, FL
Mailing Address
4624 Harbour Village Boulevard #4406
Ponce Inlet, FL 32127
--
Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Ponce Inlet, FL
Mailing Address
4624 Harbour Village Boulevard #4406
Ponce Inlet, FL 32127
--
Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Ponce Inlet, FL
Mailing Address
4624 Harbour Village Boulevard #4406
Ponce Inlet, FL 32127
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]