global privacy and information quality working group
TRANSCRIPT
Global Privacy and Information QualityWorking Group
www.it.ojp.gov/globalwww.it.ojp.gov/global
Product II
Privacy Policy Development
Guide
www.it.ojp.gov/globalwww.it.ojp.gov/global
Message From the Chair
“The foundations for privacy policy exist in our current laws and customs. Constitutions, statutes, regulations, policies, procedures, and common law
requirements still control the obligations of the justice entities to collect and share information
within legal limits.”
www.it.ojp.gov/globalwww.it.ojp.gov/global
The Change
“Clear articulation of rules that control justice information sharing in a manner that translates into systems requirements for systems developers and
information managers.”
www.it.ojp.gov/globalwww.it.ojp.gov/global
The Audience
The guidebook has been developed to assist the individual who is assigned the task of
writing a privacy policy.
www.it.ojp.gov/globalwww.it.ojp.gov/global
The Process
“A step-by-step guide on team effort to develop and articulate privacy policy.”
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 3 Privacy Policy Overview3.1 What Is a Privacy Policy?3.2 The Intersection Between Privacy and Information
Quality3.2.1 What Is Information Quality?3.2.2 Impact of Data Quality on Privacy and Public
Access3.2.3 What Generates Data Quality Issues?3.2.4 Future Guidance Statement
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 4 Governance
4.1 Identifying the Champion
4.2 Resource Justification
4.3 Identifying the Project Leader
4.4 Building the Project Team and Stakeholder Contacts
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 5 Planning
5.1 Developing a Vision, Mission, Values Statement, and Goals and Objectives
5.1.1 Vision Statement
5.1.2 Mission Statement
5.1.3 Values Statement
5.1.4 Goals and Objectives
5.2 Writing the Charter
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 6 Process6.1 Understanding Information Exchanges
6.1.1 Tools to Assist With Understanding the Flow of Information
6.2 Analyzing the Legal Requirements6.2.1 Introduction6.2.2 Approach to the Legal Analysis6.2.3 Focusing the Legal Analysis6.2.4 Performing the Legal Analysis6.2.5 Checklist6.2.6 Resources
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 6 Process (continued)
6.3 Using FIPs as a Starting Point (law enforcement exception discussion)
6.4 Identifying Critical Issues and Policy Gaps
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 7 Product (Developing the Elements of the Privacy Policy)
7.1 Vision and Scope for the Privacy Policy7.2 Outline and Organizational Structure
7.2.1 Introduction7.2.2 Definitions7.2.3 Applicability 7.2.4 Legal Requirements and Policy Guidance7.2.5 Accountability (responsibility for
implementation/compliance monitor)
7.2.6 Process for Revisions and Amendments
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 7 Product (continued)
7.3 Writing the Privacy Policy
7.3.1 Making the Policy Choices—Filling in the Gaps
7.4 Vetting the Privacy Policy
7.5 Resources
7.5.1 Some Common Elements of Current Policies
7.5.2 Policy Example(s)
www.it.ojp.gov/globalwww.it.ojp.gov/global
Section 8 Implementation
8.1 Formal Adoption of the Policy
8.2 Publication
8.3 Outreach
8.4 Training
www.it.ojp.gov/globalwww.it.ojp.gov/global
Appendices• Appendix A – Case Study
– Illinois Criminal Justice Information Authority and Illinois Integrated Justice Information System (IIJIS)
• Appendix B – Definitions• Appendix C – Acknowledgements• Appendix D – Compendium
www.it.ojp.gov/globalwww.it.ojp.gov/global
Next Steps on Privacy• GAC input on the Privacy Policy Development Guide• Compendium of state and privacy laws and available
Attorney General opinions• Examples of privacy policies• GAC input on next steps on information quality
www.it.ojp.gov/globalwww.it.ojp.gov/global
Next Steps on Information Quality• Goals and objectives• Identification of subject-matter experts• Guidance on information quality issues• Guidance on developing information quality policies