Original Author: Assent Risk Management
Original Links: N/A
The Global Privacy Enforcement Network (GPEN)
The Global Privacy Enforcement Network was established in 2007 to nurture cross-border collaboration among privacy authorities.
Membership consists of the regulatory bodies of OECD countries, including the UK and USA, and others such as China.
ICO Sign Up to GPEN Alert Tool
The Information Commissioner’s Office (ICO) has signed an arrangement to be part of a new technical solution for international agencies involved in privacy enforcement.
The GPEN Alert is projected to be a secure and confidential information sharing tool for members of the Global Privacy Enforcement Network (GPEN), an international network of privacy enforcement authorities.
Christopher Graham, the Information Commissioner said:
“It is clear that organisations’ use of data is getting ever more complicated, and ever more international.
“People need to know privacy authorities around the globe are watching over their information, and that policing of the rules doesn’t stop at a country’s border.
“The launch of the GPEN Alert is an important practical step in achieving that, building on the international cooperation the GPEN network has developed. By providing a secure and confidential system, we hope it will prove a key tool in the future.”
Enforcement collaboration between the ICO and other authorities can take a diverse range of forms; however, until now it has proven challenging because it has been almost impossible to share information between authorities. Authorities need to make sure that any transfer is legally made, applying appropriate safeguards to protect the information being transferred. This means in particular that the information must be sent in a confidential and secure manner.
Managing Information Security Globally
ISO 27001 is the internationally recognised standard for Information Security, designed to help organisations manage information security risks.
Additionally, organisations can achieve certification to the standard, providing the added benefit of an independent verification of the system.
The ISO 27001 standard is written in the spirit of ‘business risk’, though part of its complexity is Annex A, which details a variety of controls that can be used to mitigate certain risks. The 2013 revision of ISO 27001 contained 114 controls.
Implementing Information Security to ISO 27001 requires careful planning and control, and our consultants are trained in project management to help you keep things on track.