GB/T 41817-2022在企业隐私工程体系建设中的应用实践
Application Practices of GB/T 41817:2022 in the Construction of Enterprise Privacy Engineering System
白晓媛 1彭晋 1徐羽佳2
作者信息
- 1. 蚂蚁科技集团股份有限公司
- 2. 中国电子技术标准化研究院
- 折叠
摘要
针对企业面临的个人信息保护挑战,基于GB/T 41817-2022《信息安全技术 个人信息安全工程指南》中原则、准备工作、各阶段活动等核心内容,构建覆盖个人信息生命周期和产品生命周期的i-ABC隐私工程体系,在系统层面构建隐私影响评估、风险监测识别、风险快速处置、隐私管控策略动态调整的体系化能力,以及结合行业态势发展和新技术应用的快速洞察分析能力.
Abstract
In response to the personal information protection challenges faced by enterprises,based on the principles,preparation work,and activities in each stage of GB/T 41817-2022"Information security technology—Guidelines for personal information security engineering",the i-ABC privacy engineering system covering the personal information lifecycle and product lifecycle is implemented.i-ABC privacy engineering system provides a systematic capability for privacy impact assessment,risk monitoring and identification,risk disposal,and dynamic adjustment of privacy control strategies at the system level,and the rapid insight and analysis capabilities for the industry trends and application of new technologies.
关键词
隐私工程/个人信息保护/个人信息生命周期/产品生命周期/隐私设计Key words
privacy engineering/personal information protection/personal information lifecycle/product lifecycle/privacy by design引用本文复制引用
出版年
2024
NETL
NSTL
万方数据