Skip to Main Content
Digital Identity
book

Digital Identity

by Phillip J. Windley
August 2005
Beginner content levelBeginner
256 pages
8h 26m
English
O'Reilly Media, Inc.
Content preview from Digital Identity

Privacy Audits

Chief Privacy Officers and others concerned with privacy in an organization worry about what they don't know. It's not the data you know about that will get you in trouble. In Chapter 16, we'll discuss resource mapping and specifically talk about how to create inventories of the data in your organization. Having these data maps is the first step to being able to perform privacy audits . Here are some of the privacy-related questions you might ask about the identity data in your organization:

  • What kinds of identity data are you collecting?

  • How is this identity data collected?

  • Why was the identity data collected?

  • Were special conditions on its use established at any time?

  • Who is the data owner?

  • Who is the custodian?

  • Who uses the data, why, and how do they usually access it (i.e., remotely, via the Web, from home)?

  • Where is it stored?

  • Is any of the data stored on devices that are routinely transported off-site such as a laptop or PDA?

  • Are there backups? If so, you need to answer these same questions about the backups.

  • Are there access logs for the data?

  • Where are the logs stored?

  • Are the logs protected?

  • What other security measures (firewalls, intrusion detection systems, and so on) are used to protect the data?

Conducting privacy audits and collecting all of this information may seem like a lot of work, but ask yourself what it means if you don't know the answers to these questions. There's good news and bad news. The good news is that data maps are useful for more than just privacy, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Learning Digital Identity

Learning Digital Identity

Phillip J. Windley
Self-Sovereign Identity

Self-Sovereign Identity

Alex Preukschat, Drummond Reed

Publisher Resources

ISBN: 0596008783Errata Page