• HOME
• ABOUT US
• CLIENTS
• :: SERVICES
• OUR NETWORK
• PUBLICATIONS
• CONTACT
• BLOG

SERVICES

IIS provides a range of services that it can tailor to the particular requirements of an organisation.

• Privacy advice and strategy
• Privacy impact assessment (PIA)
• Privacy audit
• Privacy skills development training
• Data breach and privacy complaint handling advice
• Thought leadership
• Research

Privacy advice and strategy

IIS provides privacy and trust advice in both formal and informal ways and for short or long term periods. IIS informally mentors organisations through handling a particular privacy incident or in the early stages of privacy thinking about a new project and how to tackle privacy.

IIS also develops formal privacy strategies. Where trust is crucial to the success of a project or when trust provides a competitive edge, IIS can help build the winning strategy. A privacy and trust strategy provides a 'blue print' for building trust and privacy in from the beginning of a project by:

• Identifying privacy and trust issues and opportunities;
• Developing values and principles that can underpin decision making and communications strategies as the project progresses;
• Developing mechanisms for embedding a culture of privacy within an organisation in developing and implementing a project;
• A plan for public engagement in the project to achieve transparency and trust;
• Mechanisms for identifying new issues and opportunities as the project develops;
• Advice about how to build privacy in to the organisation at board level.

Privacy impact assessment (PIA)

A PIA is a process which enables organisations to "anticipate and address the likely impacts of new initiatives, foresee problems, and negotiate solutions."¹

The IIS approach to Privacy Impact Assessment builds on PIA guidelines issued by the Australian Office of the Privacy Commissioner and by the United Kingdom Information Commissioner. The IIS approach goes beyond mere compliance with privacy law; it looks to wider privacy challenges and opportunities including allocation of risks and individual trust and looks for solutions so that information flows are appropriate and to everyone's benefit.

The IIS experience strongly indicates that community trust is more likely to follow where a project considers fair allocation of risks; individual control; and accountability.

A PIA is a very useful tool when an organisation is developing new services, business processes or products involving personal information or is changing existing projects or services which may have privacy implications. It is particularly relevant when moving products and services online or introducing new products and services online.

Privacy audit

IIS conducts privacy audits for organisations wishing to assess the extent to which their current processes and procedures are likely to comply with privacy regulation or to manage other privacy risks.

Organisations may seek an audit when they have experienced a privacy breach and wish to reassure their customers that the organisation has appropriate privacy processes and procedures in place.

An organisation may also seek an audit to reassure itself that the processes it put in place when private sector legislation came into effect in 2001 are still current, effective and complied with.

Skills development and training

IIS provides skill development and training to organisations that wish to raise internal awareness of privacy among their staff, CEOs and boards. IIS training capabilities include providing practical and entertaining workshops that engage, inform and inspire attendees. IIS also organises more publicly focused workshops, for example, for young people, to raise awareness of online security and safety issues.

Data breach and privacy complaint and crisis handling advice

IIS advises organisations on how to manage data breach incidents, other privacy crises and privacy complaints including how to respond appropriately to contact with the Office of the Privacy Commissioner.

Thought leadership

IIS is a globally recognised thought leader in the area of privacy and trust. IIS can help organisations to position themselves as future orientated and leading edge service providers. It can also help public and private sector organisations think through the practical implications of privacy law reform proposals or to consider how regulation can be developed to enable privacy approaches to keep up with emerging new business and service provision models.

IIS can draw upon its network to run 'think tank' like forums that connect people and ideas. IIS has successfully partnered with Global Access Partners on such issues as identity management, for example, in a forum with Microsoft's Kim Cameron, and on a new approach to privacy and trust in the information age.

This process can transform good ideas into real world solutions and programs for change that have stakeholder support.

IIS has delivered a number of thought leadership projects including the preparation of articles and white papers in a wide range of areas including e-government, information governance, identity management, regulatory design: China, P&TP, and international cooperation on cross-border data flows.

A selection of these can be downloaded from the White papers and Thought leadership section of the IIS publications page.

Research

IIS uses its network and experience to provide innovative and insightful research to clients to seeking the latest information on a particular privacy topic, or privacy friendly technology, including identity management technology.

¹See http://www.ico.gov.uk/for_organisations/topic_specific_guides/pia_handbook.aspx