Women In Security Magazine Issue 3

Page 106

MARISE ALPHONSO

LINKING DATA PRIVACY TO SECURITY by Marise Alphonso, Information Security Lead at Infoxchange

Privacy is a fundamental human right1, and security

a privacy impact assessment7 to identify the risk

is essential to the maintenance of that right. Those

of that personal information being compromised,

who work in the fields of data privacy and information

and thereafter determine safeguards that should be

security have a duty of care to protect personal

implemented to address potential privacy impacts. A

information, build trust and ensure transparency “with

key step of this assessment is consideration of how

consumers” of organisational products and services.

personal information flows through the information

By fulfilling this duty, they will facilitate innovation

lifecycle of collection, storage, use, retention and

and societal growth, and operate within the guardrails

disposal.

provided by legal and regulatory frameworks2. In early May, Privacy Awareness Week3 was

government agencies and organisations (entities)

celebrated in Australia with the theme of ‘Make

with turnover greater than $3 million, consists of

privacy a priority’. The Office of the Australian

13 Australian Privacy Principles (APPs). APP No 11,

Information Commissioner (OAIC) facilitated several

security of personal information, refers to “reasonable

events to shine a spotlight on how we can improve

steps to protect personal information an entity

personal information privacy practices within our

holds from misuse, interference and loss, as well as

homes and workplaces5 6.

unauthorised access, modification or disclosure.”

4

When personal information is provided to an organisation by a member of the public to obtain a product or service, the expectation is that it will be used for that and nothing more. Prior to offering a product or service, an organisation must perform

106

The Privacy Act (1988)8, which applies to Australian

WOMEN IN SECURITY MAGAZINE

“Reasonable steps”9 here refers to elements of an information security program including governance, policies and procedures, staff training and awareness, technical security measures, physical security, third party assurance practices and incident response.

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

Surviving a crisis - a view from the trenches

6min
pages 120-123

Are you doing enough to protect your organisation’s IT security?

2min
pages 118-119

Take me to cuba

6min
pages 111-113

Whose afraid of Zero Day

6min
pages 114-117

How to embrace the coming technology revolution

4min
pages 108-110

Linking data privacy to security

3min
pages 106-107

transforms cybersecurity

8min
pages 102-105

Back to basics

6min
pages 99-101

AusCERT plenary panel

6min
pages 96-98

Hackers are not who you think they are

2min
pages 91-95

Celebrating information security excellence in 2021

9min
pages 86-89

Factors threatening effective partnerships in crisis situations

2min
page 90

AWSN returning to in-person events around Australia

3min
pages 84-85

Building relationships in the security and risk suite and why it matters

4min
pages 80-81

fighting for women in STEM

8min
pages 76-79

Ten top tips to secure your website

3min
pages 74-75

How SiteMinder’s product and technology teams stayed motivated and innovative during the pandemic, while servicing the traditional hotel industry

5min
pages 72-73

Top 5 digital parenting tips for parents with teens

2min
pages 64-65

Lisa Jiggetts

5min
pages 54-57

Could inclusivity expand the cybersecurity talent pool in australia?

3min
pages 60-61

A Tuesday in the life of a Regional Technical Support Manager

5min
pages 62-63

How to make a midcareer move into cybersecurity

3min
pages 58-59

Gergana Winzer

7min
pages 46-49

Noushin Shabab

4min
pages 52-53

Christina Keing

4min
pages 50-51

Dr Lesley Seebeck

6min
pages 40-41

Anna Liebel

4min
pages 32-33

Jo Stewart-Rattray

5min
pages 34-36

Daniella Traino

6min
pages 30-31

Giulia Traverso

3min
page 37

Shelly Mills

5min
pages 38-39

How to create a culture of belonging and why it matters

8min
pages 18-21

Beware of ransomware

2min
pages 16-17

more diverse workforces

4min
pages 12-15
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.