
Why ISO 29100?

HL7
May 10, 2012

Eric Chen, Manager IT Business Dept.


echen@tuv-nord.com, +886-911-440986

IT Department

:

41
M. S. Computer Science, Temple University
:
Prudential Insurance (Dresher, PA, USA)
DuPont (Wilmington, DE & Boston, MA, USA)
Merck Pharmaceutical (West Point, PA, USA)
iSpheres (Oakland, CA, USA)
Xyphius convergence solutions (Fremont, CA, USA)
Armstrong University (Oakland, CA)
twNOC
Global Institute of Chinese Commerce
Philip Morris International (Marlboro)


Agenda



ISO 29100
Q&A


PIMS

C. I. A.


PIMS

2









PIMS


PII Fraud

home
20091022 10:01
home

home
Mobile 011820140 home

+02270
12
workcool
home

home


PII Fraud


20100620


PII Fraud

2011-08-05

A4


PII Fraud

2
20111224

2
2

1
2ABCD

20032005AA
B
copy

Story


PII Fraud


201215 3:51

ATMMSN

()


PII Fraud

03/05/2012
?!



2010427
3







, , ,
: NCC

,

,





ISO 29100

ISO 29100


ISO 29100

ISO 29100 ()
Actors and Roles
Interactions
Recognizing PII (Personally Identifiable Information)

Privacy safeguarding requirements ()


Privacy policies ()
Privacy controls ()


ISO 29100

PII Principal

PII Controller

PII Processor

Third Party


Recipients

Provider

Provider

Recipients

Provider

Recipient

Provider

Recipient

Provider

Recipient


ISO 29100



(PIN)


IP











:


,

:

:








:

: Sexual orientation
,


ISO 29100

()
be appropriate to the purpose of the organization;
provide the framework for setting objectives;
include a commitment to satisfy applicable privacy safeguarding requirements;
include a commitment to continual improvement;
be communicated within the organization; and
be available to interested parties, as appropriate.


54


ISO 29100

ISO 29100 () (Ch.5)


1. Consent and choice
2. Purpose legitimacy and specification
3. Collection limitation
4. Data minimization ()
5. Use, retention and disclosure limitation
6. Accuracy and quality
7. Openness, transparency and notice
8. Individual participation and access
9. Accountability
10. Information security
11. Privacy compliance



( 11 )

( 12)

( 18 )

( 27 )



( 21 )


( 22 )


PIMS


Q&A


Who we are

Thank you
Vielen Dank

Asia Pacific IT business dept.



Author: Philip Ku, Introduction to TUV NORD IT services

June 2009
