| |
Click here for full text:
A Systemic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises
Casassa Mont, Marco; Pearson, Siani; Thyne, Robert
HPL-2006-44
Keyword(s): privacy; privacy policy enforcement; policy compliance; automation; governance; identity management
Abstract: Privacy management is important for enterprises that handle personal data: they must deal with privacy laws and people's expectations. Currently much is done by means of manual processes, which make them difficult and expensive to comply. Key enterprises' requirements include: automation, simplification, cost reduction and leveraging of current identity management solutions. This paper describes a suite of privacy technologies that have been developed by HP Labs, in an integrated way, to help enterprises to automate the management and enforcement of privacy policies (including privacy obligations) and the process of checking that such policies and legislation are indeed complied with. Working prototypes have been implemented to demonstrate the feasibility of our approach. In particular, as a proof-of-concept, the enforcement of privacy policies and obligations has been integrated with HP identity management solutions. Part of this technology is currently under productisation. Technical details are provided along with a description of our next steps. Notes: Robert Thyne, Hewlett-Packard, Software Business Organisation, Toronto, Canada
10 Pages
Back to Index
|
Printable version
