From Privacy Impact Assessments (PIA) to Information Risk Assessments
- LANGUAGE: English DATE: Tuesday, November 25, 2014 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
Privacy Impact Assessments (PIAs) are already or soon will be a legal requirement in many jurisdictions or sectors (i.e. payment cards sector). They provide a great help for institutions to focus on privacy and data flows and therefore provide an interesting entry point into an overall discussion on Information and identity-related risks. In this webinar, KuppingerCole´s fellow analysts Scott David and Karsten Kinast will discuss with you about PIAs as a natural starting point for a broader and more complete view on digital risks.
Privacy is just one of the risk concerns (albeit an important one) for businesses, governments and other organizations relating to data, information and identity flows. Privacy Impact Assessments (PIA) are a common practice to identify and reduce privacy risks. Therefore it should be very helpful to examine PIAs in the context of the broader range of risk issues arising from the convergence of the digital and analog worlds. This is particularly important since the concepts of potential negative "privacy" impacts and the deployment of resources to address them are typically viewed by large institutions in the context of overall related information-usage risks.
For example, a bank needs to balance privacy with identity veracity to protect accounts, a hospital needs to balance privacy with safety of delivery of care to the correct patient, etc. In either case, other risks are balanced with privacy risks by entities to determine actual actions and behaviors.
KuppingerCole´s Fellow Analysts Dr. Scott David, LL.M and Dr. Karsten Kinast, LL.M will introduce you to the concept of expanding PIAs to a "Risk Impact Assessment" concept, providing a 360 degrees view on digital risk.
Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that are simple, effective, and secure.