7.2. Privacy-by-Design
Name: Privacy-by-Design
Statement: Respect for and protection of personal information are built into every business practice and its corresponding IT solution.
Rationale:
• ESDC’s IM/IT assets are protected against theft, loss, damage, or unauthorized modification, destruction or disclosure in order to assure public confidence in the Department.
• When security is considered up front, the result is more cost-effective, and the privacy protections that follow are more robust and resilient.
• Information/data capture, access and usage processes ensure the protection of privacy without impeding or delaying access for justified needs.
Implications:
• All of the Department's business solutions must be compliant with the Privacy Act; MITS; ATIP policies; FAA, etc.
• Privacy requirements must be determined with all stakeholders.
• Effective privacy administration processes and tools for assurance and accountability shall be required.
• A controlled variance process must be adhered to.
• Solutions must align with the necessary internal and external frameworks as they pertain to privacy protection (e.g., GDPR, Canadian laws and regulations).
• Automated processing and trans-border and cross-entity flows of personal data create new forms of relationships among countries and entities, and require that compatible rules and practices be in place.
• Personal data shall not be transferred to any entity unless that entity ensures an adequate level of protection and authorisation from individuals.
• Current legislation and competing values might be a hurdle to sharing and free flow of private data.
• Data Stewards must help remove, and avoid creating, unjustified barriers to private data.
• We must prepare for breaches to permit a timely and appropriate response and course of action.
• Personal data collection needs and uses must be clearly defined up front.
• Personal data shall be adequate, relevant and not excessive in relation to the purpose.
• Private individuals must have the right and ability to view and edit their information, and the right to be forgotten in certain cases (i.e., data is disposed of at the end of the effective lifecycle of the data or process).
• Automated means of processing private data must be transparent to data subjects.
• Data classification will be necessary in all situations.
References:
• Canada Border Services Agency (CBSA) defined Architecture Principles
• CDO
• Government of Ontario. OPS Enterprise Architecture: Principles and Artefacts