Benefits of Creating a DPIA
(Data Privacy Impact Assessment)
for Your Security Environment
— Abstract —
Protection of personally identifiable information (PII) is not only a regulatory requirement, but also a business best practice. This includes the PII that is captured and stored in applications used by security practitioners such as access control systems. Creation of a Data Privacy Impact Assessment (DPIA) supports the identification of processes and underlying PII elements obtained and stored by the organization. The DPIA further identifies the privacy risks, and the controls to mitigate these risks. This session will identify the role of a DPIA in your organization’s security framework, what a DPIA looks like, and how to utilize the DPIA when looking to mitigate the risks of a privacy breach.
Outline of Session
Privacy, DPIA and the Security Organization
• Overview of PII and Security Organization
• Overview of the evolving regulatory environment
• Introduction of the DPIA
–What it is
–How it is used
• Overview of a sample DPIA
• Security Professional – How we have implemented the DPIA in our organization.
Learning Objective #1
• Understand what a DPIA is and how to implement it in their organization.
Learning Objective #2
• Learn how creation of a DPIA for security is a powerful tool to support adherence to privacy regulations such as GDPR and CCPA.
Learning Objective #3
Areas of Focus:
• Information Security, Managing Organizations
Topic of Focus
• Database Security I Storage Security, Industrial Control Systems Security I Residential Control Systems Security (Information Security)
Recommendation of Session by Community
• Information Technology Security