This document reprises the NIST-established definition of cloud computing; describes cloud computing benefits and open issues; presents an overview of major classes of cloud technology, and provides guidelines and recommendations on how organizations should consider the relative opportunities and risks of cloud computing.
This NIST publication provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations (including mission, functions, image and reputation), organizational assets, individuals, other organizations, and the Nation from a diverse set of threats including hostile cyber attacks, natural disasters, structural failures and human errors (both intentional and unintentional).
This document by the National Institute of Standards and Technology provides guidelines for a risk-based approach to protecting the confidentiality of PII. Intended primarily for U.S. federal agencies, the guidance provides information that other organizations may find useful.
This publication by the National Institute of Standards and Technology provides an overview of the security and privacy challenges pertinent to public cloud computing and points out considerations organizations should take when outsourcing data, applications and infrastructure to a public cloud environment.
This document from the Alberta, British Columbia and federal privacy commissioners lays out in chart format the building blocks that make up a privacy management program.
This “explainer” from the Zero Knowledge Privacy Foundation is aimed at consumers and offers information about company privacy policies, including why companies have policies, how they vary from one to the next, whether companies are required to have privacy policies and how they may change going forward.
This template from the Newfoundland and Labrador Centre for Health Information is used to evaluate the impact on privacy that results from change to a system, environment, or process. The template is offered in word format for easy customizing.
This form provides a method of communicating the initial known details of a possible information security incident within an organization. The form is offered in word format for easy customizing.
The Information and Privacy Commissioner of Ontario provides a practical guide for implementing the principles of Privacy by Design in the mobile communications industry.
The U.S. Federal Trade Commission released this report setting forth best practices for businesses to protect the privacy of American consumers and give them greater control over the collection and use of their personal data.
The Vermont Law School created this policy intended to protect consumers while supporting a national rollout of a smart electric grid, utility companies would ensure customer information is not disclosed to third parties except when the customer consents, disclosure is required to provide reliable electric service or disclosure is required by law, such as warrants or "sunshine" laws.
In order to bridge differences in approaches to privacy and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed this "safe harbor" framework. This site provides the information organizations need to evaluate and join the U.S.-EU Safe Harbor program.
The Interactive Advertising Bureau Self-Regulatory Program for Online Behavioral Advertising aims to help protect consumers’ privacy rights and expectations in ad-supported online media. It was developed through a three-year collaboration of the marketing-media industry.
Created by the National Advertising Initiative, this is a set of self-regulatory principles that require NAI member companies to provide notice and choice with respect to online behavioral advertising, limits the types of data that member companies can use for advertising purposes and imposes a host of substantive restrictions on member companies' collection, use, and transfer of data used for online behavioral advertising.
Page 5 of 10 pages ‹ First < 3 4 5 6 7 > Last ›