KI Design created a plan to mitigate a power utility's privacy and security risks
Privacy Practices concerns exist wherever personally identifiable information or other sensitive information is collected, stored, used, and finally destroyed or deleted in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues. Data privacy issues can arise in response to information from a wide range of sources, such as:
- Privacy breach
- Healthcare records
- Residence geographic records
- Financial institutions and transactions
- Location-based service and geolocation
- Biological traits, such as genetic material
- Criminal justice investigations and proceedings
- Web surfing behaviour or user preferences using persistent cookies
The challenge of data privacy is to utilise data while protecting individual’s privacy preferences and their personally identifiable information. The fields of computer security, data security and information security design and utilise software, hardware and human resources to address this issue. As the laws and regulations related to Privacy and Data Protection are constantly changing, it is important to keep abreast of any changes in the law and continually reassess compliance with data privacy and security regulations.
Review the privacy practices of a key player in power generation and mitigate risk using Ki Design’s risk-based approach to data privacy and security.
KI Design conducted a privacy, security, and risk assessment for technical and non-technical asset data flows. We offered tailored information, access, and privacy services following the Privacy in Design method.
Review conducted in three stages
Investigation and Maturity: Building a profile of the organisation’s privacy history and goals, including current privacy concerns;
Privacy and Security Risk Assessment: Providing a list of data assets, legislative authorities, vulnerabilities, risk levels, and mitigating controls, highlighting compliance with legislative obligations and industry best practices;
Recommendations and KI Tools: A simple, scalable plan to grow the organisation’s privacy maturity, defining risk mitigation steps and program strategy.
At the end of the project, we provided a Maturity Assessment, a Privacy and Security Assessment, and a Privacy Plan tailored to the needs of the organisation.
- Interview appropriate personnel
- Privacy training procedures review
- Third-party provider contracts review
- Physical and technical controls review
- Review and assess policies and procedures
- Document automated and manual data collection processes
- Measure and control risks
- Review existing privacy practices
- Offer concrete tools for responding to privacy concerns
- Implement necessary structures for an appropriate privacy program
KI Design has a proven track record of successful engagement with a wide variety of clients from the public and private sectors, including from government. Our privacy review services leave our clients assured of their areas of compliance, and prepared to address upcoming challenges.