
Privacy by Design Principles

Executive Summary

We came across some useful information from Privacy Horizon and supplementary sources and have combined it into the summary below on the topic of Privacy by Design principles. Please refer to the original sources for more detailed information.

Privacy by Design is a concept that was developed by the former Information and Privacy Commissioner of Ontario, Dr. Ann Cavoukian, in the 1990s to address the ever-growing and systemic effects of Information and Communication Technologies and of large-scale networked data systems. Privacy by Design advances the view that the future of privacy cannot be assured solely by compliance with legislation and regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation.[1]

The objectives of Privacy by Design, namely ensuring privacy, giving individuals control over their own information and, for organizations, gaining a sustainable competitive advantage, may be accomplished by practicing the 7 Foundational Principles listed below.


Privacy by Design Principle Strategies

  1. Proactive, not Reactive:
    • The Privacy by Design (PbD) approach attempts to anticipate and prevent privacy-invasive events before they occur.
  2. Privacy as the Default Setting:
    • Ensure that personal data is automatically protected in any given IT system or business practice so that if an individual does nothing, their privacy still remains intact.
  3. Privacy Embedded into Design:
    • Privacy should be embedded into the design and architecture of IT systems and business practices.
  4. Full Functionality – Positive-Sum, not Zero-Sum:
    • PbD seeks to accommodate all legitimate interests and objectives in a “win-win” manner, balancing seemingly opposing interests, such as security and privacy.
  5. End-to-End Security – Full Lifecycle Protection:
    • PbD extends throughout the entire lifecycle of the data involved, from start to finish.
  6. Visibility and Transparency:
    • It seeks to assure all stakeholders that component parts and operations remain visible and transparent, to users and providers alike.
  7. Respect for User Privacy – Keep it User-Centric:
    • Above all, it puts the interests of the individual first by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options.

The 7 Foundational Principles of Privacy by Design[2]

The principles that comprise Privacy by Design are as follows:

Proactive, not Reactive; Preventative not Remedial

The Privacy by Design (PbD) approach is characterized by proactive rather than reactive measures. It encourages organizations to anticipate and prevent privacy-invasive events before they occur. PbD does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred; it aims to prevent them from occurring in the first place.

Privacy as the Default Setting

Privacy by Design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given Information Technology (IT) system or business practice. If an individual does nothing, their privacy still remains intact. No action is required on the part of the individual to protect their privacy – it is built into the system, by default.

Privacy Embedded into Design

Privacy is embedded into the design and architecture of IT systems and business practices. It is not bolted on as an add-on, after the fact. The result is that it becomes an essential component of the core functionality being delivered. Privacy is integral to the system, without diminishing functionality.

Full Functionality: Positive-Sum, not Zero-Sum

Privacy by Design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made. Privacy by Design avoids the pretense of false dichotomies, such as privacy vs. security, demonstrating that it is possible to have both.

End-to-End Security: Full Lifecycle Protection

Privacy by Design, having been embedded into the system before the first element of information is collected, extends throughout the entire lifecycle of the data involved, from start to finish. This ensures that at the end of the process all data are securely destroyed in a timely fashion. Thus, Privacy by Design ensures cradle-to-grave, end-to-end lifecycle management of information.

Visibility and Transparency: Keep it Open

Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification. Its component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify.

Respect for User Privacy: Keep it User-Centric

Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric.

Application

The Privacy by Design principles can be applied generally to three areas:[3]

  1. IT systems
  2. Accountable business practices
  3. Networked infrastructure

Principles of Privacy by Design may be applied to all types of personal information. However, special care and attention should be paid to sensitive types of information, such as medical and financial information. Typically, the strength and strictness of the privacy measures implemented should be proportional to the sensitivity of the information being handled. That being said, robust privacy measures are always recommended: they are likely to produce the greatest organizational success and to engender the greatest trust between distributors and users.



Key Takeaways

Privacy by Design outlines major principles to follow with regard to information privacy and security. This is especially pertinent to health information. Privacy by Design is related to Privacy Engineering, which details specific strategies for implementing the general design principles. The Privacy by Design Foundational Principles serve as an overarching framework for building privacy and data protection early, effectively and credibly into information technologies, organizational processes, networked architectures and, indeed, entire systems of governance and oversight. PbD seeks to raise the bar for privacy by promoting enhanced accountability and user trust. It is an essential consideration for any health information organization.