Scalable, accountable privacy management for large organizations

Abstract

Accountability is emerging as an important theme within the regulatory privacy community. For global corporations, demonstrating accountability is no easy task due to the potentially large number of projects that have privacy sensitive aspects, privacy oversight being a mostly manual process and privacy staff typically being small. So how can a company present proof points that its projects comply with its privacy promises and obligations? In this paper we address this problem by introducing a technology-based solution for scalable, accountable privacy management across an organization. We present an Accountability Model Tool (AMT) that addresses the problem of capturing data about business processes in order to determine their privacy compliance. AMT utilizes an intelligent questionnaire with good completeness properties and is based on an augmented rule engine.