This module will introduce you to the challenges facing any organisation in managing data privacy. You’ll gain an understanding of the meaning of data privacy and will examine the serious legal constraints facing all organisations which make data privacy a key issue for cyber-security risk management.
You’ll examine key governance matters, including privacy impact assessments. You’ll also consider the role of technology in supporting privacy, including de-identification techniques for datasets, homomorphic encryption and other privacy enhancing technologies. Finally, you’ll study a privacy case study, such as e-voting.
- Privacy – the concept and its relationship to cyber security
- Privacy law, regulation and standards
- Privacy technologies
- De-identification and metrics for privacy
- Privacy case studies, for example e-voting and distributed ledgers
- Surveillance and technology restrictions.
On successful completion of this module, you will be expected to be able to:
- understand what data privacy means in an organisation, and use this to evaluate how personal data is acquired stored and processed
- understand how information privacy relates to risk management, and judge which aspects of personal data processing require risk assessment
- plan and develop a privacy impact assessment
- evaluate the relevance of key standards to support the implementation of data privacy
- understand the technologies available to help de-identify datasets and their limitations, and generate an approach to using these techniques appropriate to an organisational setting
- use privacy case studies to evaluate how privacy should be implemented.
- End of module examination (100%)