Privacy Act

From The Secure Arc Wiki

The Privacy Act or equivalent, is a legal requirement which aims to prevent disclosure of private information of individuals within a National/Federal scope. Each requirement of the law is broken down further into more specific sub-requirements that can be mapped back to both the Security Principles that drive them and the Design Patterns that satisfy them.

Contents 1 National Laws 2 Requirements Outline 3 Information Assets 4 Documentation 5 Navigation

National Laws

• USA
  • Privacy Act 1974 US Department of Justice

• United Kingdom
  • The Data Protection Act 1998 Office of Public Sector Information
  • The Privacy and Electronic Communications (EC Directive) Regulations 2003 Information Commissioner's Office

• Japan
  • Personal Data Protection Law 2005 Personal Information Protection

• Australia
  • Privacy Act 1988 Commonwealth Law of Australia

• Canada
  • Privacy Act 1985 Justice Department

• New Zealand
  • Privacy Act 1993 Privacy Commissioner

• Hong Kong
  • Hong Kong Personal Data (Privacy) Ordinance Privacy Commissioner

Requirements Outline

Information Assets

Private information should be categorised and valued by an organisation. This will map directly into the Regulatory Requirements portion of the Information Asset Classification.

Documentation

Legal publications are freely available on the internet. See the links above

Navigation

• Back to Security Policies and Standards