StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Data Protection Act and Conducting International Trade - Assignment Example

Cite this document
Summary
In the paper “Data Protection Act and Conducting International Trade,” the author discusses the PIPED Act, where an individual's consent or permission is necessary for any disclosure of data to a third party. All Canadian organizations are subject to the PIPED Act…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER94.7% of users find it useful
Data Protection Act and Conducting International Trade
Read Text Preview

Extract of sample "Data Protection Act and Conducting International Trade"

Data Protection Act and Conducting International Trade Introduction Going by the PIPED Act, an individual's consent or permission is necessary for any disclosure of data to a third party. All Canadian organizations are subject to the PIPED Act, and are liable and responsible for complying with the information therein, the physical location of the information notwithstanding. Organizations have to ensure that their foreign operations are carried out in the same manner as those used for their operations in Canada. (http://ec.europa.eu/justice_home/fsj/privacy/thridcountries/adequacy-faq_en.htm) In cases where there is disclosure of information to a third party outside Canada for processing, the Canadian organization in question must have permission or consent to do so. It is necessary to ensure that every organization’s foreign organization follows the same requirements that would apply for Canadian operations, if the information is being transferred for processing. This can be achieved by entering into a contract or legal agreement with the other party “and adherence to the agreement that the foreign organization must work by the requirements of the Act, the OECD is an instance of such agreements.” (http://ec.europa.eu/justice_home/fsj/privacy/thridcountries/adequacy-faq_en.htm) Many members of the OECD in the European now have legislations in place, which apply the Privacy Protection Guidelines to the private and public sectors. As a result of this, the most recent OECD analysis on access and supply rights recognizes that: 1. Governments may have a right to block the transfer or broadcast of information between a supplier and potential customer(s) if the information may be considered to endanger national security or to conflict with societal norms on censorship or data protection 2. Third party individuals may require the right to block transfer or broadcast of information between a supplier and potential customer(s) if the information relates to the privacy of the individual. (OECD, 1990, pp. 47) Impact of the Data Protection Act on Security Functions Every organization considers its data pool and its information resources to be invaluable assets, and thus will apply the necessary security strategies in order to protect its information in a way to safeguard its interests. The data protection act helps in avoiding any breach of security that might affect data privacy. The Data protection act requires the implementation of standardized strategies for a secure data management. Every organization is required to assess its own security practices, because necessary security provisions might involve the development and implementation of security policies to protect private data and information. Thus, security policies help to ensure that the organization’s data privacy goals or requirements are met. The amount resources and effort utilized to achieve this will vary according to the size and nature of the organization. A flexible safeguard requirement has been formed in Canadian law, and a short documentation of how information is safeguarded can be found below: Security policy (design, implement and audit). Physical measurements (locked filing cabinets, restricting access to offices, alarm systems). Organizational controls (security clearances, limiting access on a “need-to-know” basis, staff training, and confidentiality agreements). Reviewing and updating security measures regularly. Technological tools (passwords, encryption, firewalls, safeguarding software). Training of Employee (Making employees aware of the importance of maintaining the security and confidentiality of personal information by holding regular staff training on safeguards). (http://www.nymity.com/privaworksdefinitions.asp) Developing a Security Plan with policies Having a security policy is instrumental in the formation of a secure organization, so a security policy is necessary to establish standards for what is permissible and what is not, within a company’s framework. Standards have to be established for protecting the network resources and for assigning program management responsibilities and providing basic rules and guidelines to be followed in the organization. A security policy contains various sections that can be categorized into sections. The first category outlines what parameters are to be used within the policy. The second category defines accreditation and risk assessment, while the third category outlines the rules and guidelines formed using the information from the second section. (Caroline_Reyes_GSEC v1.3, 2005, p. 3-4.) Physical security measurements It is very necessary to check all possible avenues that can lead to unauthorized access. Theft and damage of computer equipment, hardware and software might arise from internal, as well as external sources, and social engineering is another concern that must be taken into consideration. This may include Alarm systems, deployment of Biometric Technology, locked filing cabinets and restricted access to offices. Controlling Access Security control system must ensure that only authorized personnel are able to access office computers and computer files. Employees who need access to perform their work tasks should have a computer account and access to that which is relevant to their work responsibilities only. Storage of sensitive information A major purpose of the data protection act is to “extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves held by a government institution and that provide individuals with a right of access to that information.” (http://www.privcom.gc.ca/legislation/index_e.asp). Some information may be sensitive from a strategic point of view. An instance, personal information for both employees and customers, could be considered valuable and sensitive which may require special handling for storage and protection. (http://www.privacyguide.cebi.ca) Desktop security can be used to save sensitive information that is stored on individual or personal computers. This involves a process of computer deployment and the setting of best practices for use in workstations. Technological tools A password can be defined as a code that can be used to gain access into a secure or locked system. From a security conscious point of view, a good password is one that: Cannot be guessed easily, Contains upper and lower case letters, and Has characters that are Non-letters, which are not simple combinations. Back ups: Are one of the main concepts of data security strategy, it has a high priority in any good and proper plan. A recovery disaster strategy of data files is mainly based and relies on regular back-up procedures. Anti-virus tools: software searches incoming messages, data and your personal computer's memory for computer viruses and removes any that are found. This tool is a key to ensuring the safety of information and data that you receive from others and the data you keep on your personal computer. Software Patches: To update and upgrade the safeguards software in case of vulnerability has been discovered, related patches are released to recover any vulnerability. Regular check with vendors' Web sites for the latest available fixes will be sufficient. Encryption: is an electronic process of using an algorithm (a mathematical set of steps) and a key to enable systems to scramble information from a sender and then unscramble it at the receiving end. There are two types: symmetric key and asymmetric key. Asymmetric is also known as Public Key Infrastructure (PKI), which allows information to be transmitted confidentially and in a way that authenticates the sender. Firewalls: Generally, packet filtering firewall or proxy/application firewalls are set up to protect against unauthorized access from the outside world. Firewalls provide an important logging and filtering function, often they provide reports about what kinds and amount of traffic passed through it, how many attempts there were to break into it. Others: Secure Socket Layer (SSL), Virtual Private Network, remote Access, web security, monitoring, detection and containment, Intrusion Detection software (IDS) they all provide network administrators with insight into activity on their networks, and provide them with an "alarm" system that identifies potentially malicious network traffic. Awareness training Policies are useless if they are not followed in a proper manner, and individuals’ actions and behavior do play a big role in policy success. The first rule of implementation is making sure that people who have access to information and systems are aware of and well trained in what the suitable controls are, what security is required, and why it's important to follow them. Updating security measurements Policies and security measurements must be reviewed regularly to cover the new vulnerabilities and violations. This is an essential issue to enhance the security strategy. (http://www.privacyguide.cebi.ca) Conclusion Since the data protection act is designed to protect personal data stored on computers from misuse, it is essential to control the flow of information, and to give legal rights to organizations or individuals who have information stored about them. This will go along way in alleviating the fear and worries inherent in the abuse of data if it gets into the wrong hands. This report discusses a number of concerns about who is allowed to access information, how the data protection act can help to ensure data privacy, and the requirements placed on individuals and organizations in order to meet major security principles, due to the necessity to extend the present laws of Canada that protect the privacy of individuals with respect to personal information about themselves References Caroline_Reyes_GSEC v1.3, 2005, p. 3-4. http://www.privacyguide.cebi.ca http://www.privcom.gc.ca/legislation/index_e.asp http://www.privcom.gc.ca/information/guide_e.asp http://www.nymity.com/privaworksdefinitions.asp http://canada.justice.gc.ca/en/news/nr/1998/attback2.html http://ec.europa.eu/justice_home/fsj/privacy/thridcountries/adequacy-faq_en.htm OECD, 1990, pp. 47 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Data Protection Act and Conducting International Trade Assignment, n.d.)
Data Protection Act and Conducting International Trade Assignment. Retrieved from https://studentshare.org/law/1543205-data-protection-act-impact-on-security-on-canada-it-security
(Data Protection Act and Conducting International Trade Assignment)
Data Protection Act and Conducting International Trade Assignment. https://studentshare.org/law/1543205-data-protection-act-impact-on-security-on-canada-it-security.
“Data Protection Act and Conducting International Trade Assignment”, n.d. https://studentshare.org/law/1543205-data-protection-act-impact-on-security-on-canada-it-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Data Protection Act and Conducting International Trade

International Marketing

This process is synchronised initially by the General Agreement on Tariffs and Trade (GATT), which is followed by the World Trade Organisation (WTO) and also other nine rounds of the international trade negotiations which govern the current WTO system (Business Link, n.... Distinction and Explanation of Differences between Tariff and Non-Tariff Barriers to trade 4 3.... hellip; Most governments have the intention to impose these trade barriers so as to restrict imports of certain specific products in their countries....
7 Pages (1750 words) Essay

SOURCES OF DEMOGRAPHICS DATA

The essay will therefore act as focal point through which analysis of the methodological strengths and weaknesses will be reflected.... Demographic data are irrefutable numbers of a group statistically figured to reflect a particular finding.... Its uses range from identifying scientific subsets … 3 Key Sources of Demographics data.... Introduction Demographic data are irrefutable numbers of a group statistically figured to reflect a particular finding....
4 Pages (1000 words) Essay

The Commodity Exchange Act

The Commodity Exchange act (CEA) is an act of Congress, amended to the effective date of this chapter, codified at the United States Code, Title 7, Section 1, et seq.... and all subsequent amendments, additions or other revisions to that act, unless the administrator, within 10 days following the effective date of the amendment, addition or revision, disallows its application to this chapter or to any provision of this chapter by rule, regulation or order [1989, c....
20 Pages (5000 words) Essay

Legal Difficulties Faced by any US Based Multinational Corporation

A tort has been defined as a wrongful act against an individual or body corporate and his, her or its property which gives rise to a civil claim (David Kelly, Ann E.... In this summary, the author makes a brief view of week 5 discussions of torts that could potentially impact on a workplace....
6 Pages (1500 words) Essay

TSCA Chemical Reform and Operations

It was implemented in the EU as well as in Iceland, Liechtenstein and Norway (international trade Administration, 2013).... Exceptions to this rule include chemicals imported into the EU or manufactured in quantities below one ton, chemicals used for research and development, chemicals whose uses are covered by other EU legislation, and waste (international trade Administration, 2013).... With the Clean Air act and the Federal Water Pollution Control Act already in place dealing with toxic substances in emissions and effluents, there became an apparent need for comprehensive regulatory action of toxic substances....
17 Pages (4250 words) Essay

Managing Homeland Security

It resulted in the formation of the Homeland Security act 2002, which ultimately led to the formation of the Department of Homeland Security (DHS).... An author of the paper "Managing Homeland Security" intends to critically evaluate the US government's efforts to strengthen homeland security and handle the threats of terrorism....
8 Pages (2000 words) Term Paper

Cybercrime and Its Impact on International Trade

The "Cybercrime and Its Impact on international trade" paper explore the cyber-world and take a brief look at how trade is conducted through this media while highlighting the effect of cybercrimes on this line of commerce.... Thus, today the need of the hour is to create a uniformly secured cyber world environment, worldwide, which is legally protected, to ensure the continuity of the growth of net-based international trade.... In recent times 'e-trade' via the Internet has become extremely popular....
75 Pages (18750 words) Research Paper

International Trade and Technology as Main Drivers of Globalization

The paper “international trade and Technology as Main Drivers of Globalization” suggests that international trade liberalization agreements and activities, as well as technological progress, are key factors driving globalization in the last half-century as can be witnessed from GATT.... The effect of globalization has been seen mostly evident in technology transfer and international trade activities owing to trade liberalization agreements....
10 Pages (2500 words) Coursework
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us