| documento | 2023-03-14 · NEW:  Appunta · Stampa · Cita: 'Doc 96522' · pdf |
Privacy in the product design lifecycle |
abstract:
Link: https://ico.org.uk/for-organisations/privacy-in-th
analisi:
index:
Indice
- The case for privacy
- Privacy in the kick-off stage
- Privacy in the research stage
- Privacy in the design stage
- Privacy in the development stage
- Privacy in the launch phase
- Privacy in the post-launch phase
- Further reading
- Should
- Could
- Further reading
testo:
estimated reading time: 2 min If you’re making a product or service that involves processing personal information, it is important to consider data protection law throughout the design and development process. This includes kick-off, research, design, development, launch, and post-launch phases. The case for privacy – Your organisation must comply with relevant laws. But there are also pressing reasons beyond legal compliance to prioritise privacy. For example, the risk of harming people and society itself, as well as the business risks to organisations. Privacy in the kick-off stage – including kick-starting collaboration, mapping your product’s personal information needs, and ideas on weaving privacy into your business case. Privacy in the research stage – including gathering up-front perspectives on privacy, testing of work in progress, and ways to protect the personal information of research participants. Privacy in the design stage – including choosing the right moments, obtaining valid consent, and communicating privacy information in ways people understand. Privacy in the development stage – including defining the appropriate amount of personal information required, exploring technical solutions that enhance privacy, and protecting personal information in development environments. Privacy in the launch phase – including conducting pre-release checks, factoring privacy into rollout plans, and deciding how best to communicate changes. Privacy in the post-launch phase – including monitoring and triaging fixes, reappraising expectations and norms, and celebrating privacy successes. Further reading This guidance is written for technology professionals such as product and UX designers, software engineers, QA testers, and product managers. It assumes your organisation acts as a data controller. Companies whose software, products, apps, or websites collect, manage, or share people’s personal information are likely to meet this definition. If your organisation acts as data controller, the organisation is responsible for complying with data protection law. Data protection obligations vary for organisations that fall outside this category, such as those that act as processors for personal information. This guidance will help you, as technology professionals, understand how to incorporate data protection by default and design in your development of a technology product or service. It is not a substitute for detailed ICO guidance, but is intended to help you understand how to navigate and apply our more detailed guidance throughout the product design lifecycle. To help you to understand the law and good practice as clearly as possible, this guidance says what organisations must, should, and could do to comply. Must refers to legislative requirements. This approach only applies where indicated in our guidance. We will update other guidance in due course. Further readingSummary
About this guidance
Legislative requirements
Good practice
Next: The case for privacy →
Link: https://ico.org.uk/for-organisations/privacy-in-th
Testo del 2023-03-14 Fonte: GPDP
Documento Privacy Ux Sviluppatori Linee guida Englishù Privacydb Wallabag