Sciweavers

ACSAC
2003
IEEE

Protecting Personal Data: Can IT Security Management Standards Help?

14 years 5 months ago
Protecting Personal Data: Can IT Security Management Standards Help?
Compelled to improve information security by the introduction of personal data protection legislation, organizations worldwide are adopting standardized security management guidelines to inform their internal processes. This paper analyzes whether existing security management standards support process requirements for personal data management, drawing from experience with security policies in private organizations and through an analysis of current European and US legislation. Various aspects of personal data management not commonly addressed by security standards are identified, and a number of generally applicable enhancements are proposed to one common standard, IS17799. The appropriateness of including data protection guidelines in security standards is discussed, showing how these enhancements could simplify the definition of personal data management procedures in organizations. Key words: personal data protection, privacy, information security management, IS17799, multilateral s...
Giovanni Iachello
Added 04 Jul 2010
Updated 04 Jul 2010
Type Conference
Year 2003
Where ACSAC
Authors Giovanni Iachello
Comments (0)