The Principle of Security Safeguards: Accidental activities
2008 (English)In: Proceedings of the ISSA 2008 Innovative Minds Conference, 2008, 81-98 p.Conference paper (Refereed)
The principle of information security safeguards is a key information principle contained in every privacy legislation measure, framework, and guideline. This principle requires data controllers to use an adequate level of safeguards before processing personal information. However, privacy literature neither explains what this adequate level is nor how to achieve it. Hence, a knowledge gap has been created between privacy advocates and data controllers. This paper takes a step to bridge the aforementioned knowledge gap by presenting an analysis of how data protection and privacy commissioners have evaluated the level of adequacy of security protection given to personal information in selected privacy invasive cases. This study addresses security measures used to protect personal information against accidental incidents. This analysis also lays a foundation for building a set of guidelines for data controllers on designing, implementing, and operating both technological and organizational measures used to protect personal information.
Place, publisher, year, edition, pages
2008. 81-98 p.
Information privacy, information security, accidental disclosure, accidental loss, personal information
Computer and Information Science
IdentifiersURN: urn:nbn:se:su:diva-89899ISBN: 978-1-86854-693-0OAI: oai:DiVA.org:su-89899DiVA: diva2:621428
ISSA 2008 : Information Security South Africa (ISSA) Conference 2008