View
43
Download
0
Category
Preview:
DESCRIPTION
The goal : Enable justice information sharing and protect privacy. What is the rhinoceros in the information sharing living room?. Is it security? Is it quality of data? Is it privacy? Is it disclosure? OR is it ---- All of the above. How do we go for the goal?. - PowerPoint PPT Presentation
Citation preview
United StatesDepartment of Justice
www.it.ojp.gov/global
The goal: Enable justice information sharing and protect privacy
United StatesDepartment of Justice
www.it.ojp.gov/global
What is the rhinoceros in the information sharing living room?• Is it security?
• Is it quality of data?
• Is it privacy?
• Is it disclosure? OR is it ----
• All of the above
United StatesDepartment of Justice
www.it.ojp.gov/global
How do we go for the goal?
• You need privacy and information quality policies to guide your agency’s and organization information sharing efforts.
United StatesDepartment of Justice
www.it.ojp.gov/global
Privacy and Information Quality Policies:• protect your agency and organization and make it easier to do what is
necessary --- share information;
• help your agency and organization prevent problems;
• are developed to address concerns and directly impact the whole community;
• succeed when someone champions the initiative;
• were developed for the most part when records were on paper – may not translate well in the electronic and digital age.
United StatesDepartment of Justice
www.it.ojp.gov/global
Should you be concerned about developing or reviewing your agency’s privacy and
information quality policies?
Take the Quiz!
United StatesDepartment of Justice
www.it.ojp.gov/global
Does your agency or organization control, disclose, or provide access to information to persons or agencies outside of your organization?
Does your agency’s information systems(s) contain data or information connected to or shared with other information systems or agencies?
Does your agency or organization collect, use, or provide access to “personally identifiable information” – information that can be linked to individuals?
Does your agency or organization have a stake in the accuracy of the information it manages?
United StatesDepartment of Justice
www.it.ojp.gov/global
If yes, what now?
United StatesDepartment of Justice
www.it.ojp.gov/global
Privacy Technology Focus Group -November 2005-Phoenix, AZ
United StatesDepartment of Justice
www.it.ojp.gov/global
The challenge for focus group members:
• Identify the most important issues in privacy policy and technology.
• Narrow the focus to areas that can be addressed within the given timeframe.
• Outline tangible, targeted technology solutions.• Develop specific recommendations for action.
United StatesDepartment of Justice
www.it.ojp.gov/global
The focus areas of the group:
• Access and Authentication
• Data Aggregation and Dissemination
• Identity Theft
• Personal Safety and Protection
United StatesDepartment of Justice
www.it.ojp.gov/global
Global Security Working Group
(GSWG)
Global Privacy and Information Quality
Working Group(GPIQWG)
Global Infrastructure/Standards
Working Group(GISWG)
What happens next?
United StatesDepartment of Justice
www.it.ojp.gov/global
• Develop standard elements/components for (access the authentication) interoperability. (Recommendation 1)
• Define technical requirements associated with the Federal Identity (ID) Management and Service-Oriented Architecture (SOA). (Recommendation 2)
• Create a matrix defining roles and associated services as a model to develop business rules and standards related to data content and messaging architecture. (Recommendation 5)
Global Security Working Group(GSWG)
United StatesDepartment of Justice
www.it.ojp.gov/global
• Prepare a policy paper on data anonymization and its value for privacy protection. (Recommendation 8)
• Develop a strategic plan for use of anonymization in justice, public safety, and homeland security efforts to protect privacy while enhancing information sharing. (Recommendation 9)
• Request that the Global Justice Information Sharing Initiative support development of standards for audit functions. (Recommendation 10)
Global Privacy and Information Quality Working Group
(GPIQWG)
United StatesDepartment of Justice
www.it.ojp.gov/global
• Determine mechanisms to ensure persistence of metadata throughout transfer, aggregation, and dissemination of data.
Global Infrastructure/Standards Working Group
(GISWG)
United StatesDepartment of Justice
www.it.ojp.gov/global
Global Technical Privacy Task Team
United StatesDepartment of Justice
www.it.ojp.gov/global
Deliverables for the (GSWG) Technical Privacy Task Team
• Propose actual metadata standards, as required.
• Propose any required business rules, and attempt to simplify privacy business rules across the JRA (Justice Reference Architecture) services.
United StatesDepartment of Justice
www.it.ojp.gov/global
What about that rhinoceros in Information Sharing’s living room?
• Inappropriate disclosure of data raises many concerns:– Legal jeopardy– Privacy infringement– Compromise of operational
confidentiality, and– Public policy repercussions
United StatesDepartment of Justice
www.it.ojp.gov/global
One solution – Cascading Disclosure Control Language - CDCL
Recommended