Samples, Tools and Templates    Government

Cybersecurity in the Golden State

This guidance from the California Attorney General Kamala Harris aims to help California businesses protect against and respond to malware, data breaches and other cyber-incidents.

Guide to Undertaking Privacy Impact Assessments

This guide, prepared by the Office of the Australian Information Commissioner, provides a ten-step process to assist public and private organizations in undertaking a PIA.

Making Privacy Impact Assessment More Effective

In this white paper, David Wright of Trilateral Research & Consulting offers a 16-step methodology to help make privacy impact assessments meaningful and effective, including consulting with stakeholders, agreeing on a budget for the PIA and publishing it on the organization’s website.

U.S. Department of Commerce Safe Harbor Certification Review Process

The U.S. Department of Commerce released this guidance to offer insight into the International Trade Administration's process of reviewing Safe Harbor certifications, including what it looks for and the process that occurs if elements of the certification are missing.

Privacy and Data Security Training Requirements

Many privacy laws contain employee training requirements. In this resource, Teach Privacy outlines these requirements in HIPAA, GLBA, PCI-DSS, FACTA, FISMA, Texas Health Privacy Law, Massachusetts Data Security Law, EU-US Safe Harbor Arrangement, ISO/IEC 27002 and Canada’s PIPEDA.

Referential BCR CBPR Requirements

The goal of this referential is to serve as an informal pragmatic checklist for organizations applying for authorization of Binding Corporate Rules and/or certification of Cross-Border Privacy Rules. It thereby facilitates the design and adoption of personal data protection policies compliant with each of the systems.

Framework for Improving Critical Infrastructure Cybersecurity

The U.S. National Institute of Standards and Technology created this framework as required under an executive order from the Obama Administration. This final version includes standards, procedures and processes for reducing cyber risks to critical infrastructure.

Guidelines for Processing Personal Data Across Borders—Public Entities

The Treasury Board of Canada Secretariat has developed guidance documents related to outsourcing for federal organizations, including the sharing of personal data, making contract decisions and addressing concerns about the USA PATRIOT Act.

Prudence the Privacy Pro, Vol. 1, No. 4

Dr. Breach is at it again! This time he's using spear phishing campaigns to try and steal credit card information... until Prudence the Privacy Pro and Opt Out get wind of his evil plot.

Celebrate Privacy and Improve Awareness

Subscribers to the IAPP Privacy List offered up some fun ideas for ways to celebrate Data Privacy Day. While these suggestions are particularly appropriate on January 28, they can be implemented at any time of the year to promote the importance of privacy in your organization.

DLA Piper Data Protection Handbook

DLA Piper has created version 3.0 of its online and interactive guidebook of the world’s data protection laws and regulations. The tool offers each country’s law, regulator contact information and specifics on how it regulates anything from infosecurity to breaches to electronic marketing. It’s also possible to set two countries side by side and compare the way they regulate data protection.

Global Guide to Data Breach Notifications, 2013

World Law Group has created this guide to provide a brief overview of legislation governing data breach notification requirements in jurisdictions across the globe.

Bring Your Own Device Guidance

This guidance from the UK Information Commissioner’s Office explores what you need to consider if permitting the use of personal devices to process personal data for which you are responsible.

Self-Assessment of a Comprehensive Privacy Programme: A Tool for Practitioners

This tool is the product of the Accountability Project’s fourth year and responds to the need for a practical means to help organizations implement and evaluate the programs and practices necessary to establish accountability for responsible data protection.

Elements of a Federal Privacy Program

This document from the Federal CIO Council Privacy Committee serves as a best practices guide to help federal organizations implement and sustain privacy awareness and stewardship. It can be integrated into any government organizational level–department, component, office or program–responsible or accountable for privacy. The seven elements described in this document provide the basis for a robust federal privacy program. (June 2010)
