Prejudice

Home » Uncategorized » Liability associated with Personally Identifiable Information (PII) in organizational and Business setup

Liability associated with Personally Identifiable Information (PII) in organizational and Business setup

Recent Posts: Prejudice

Is altering signature on cheque a material alteration of the cheque?

Is altering signature on cheque a material alteration of the cheque?

In Aldons v. Cornwall, a material alteration to a negotiable instrument was defined as “an alteration, which alters the business effect of the instrument if used for any business purpose. Example: Date, The time of payment, The place of payment, The sum of payment, The number of parties, The relationship between the parties, Legal character […]

Liability associated with Personally Identifiable Information (PII) in organizational and Business setup

Liability associated with Personally Identifiable Information (PII) in organizational and Business setup

Lately we have been analysing issues related to management of Personally Identifiable Information (hereinafter PII), in an organizational and business setup. There are a lot of PII issues involved in running a business or organization that are not even considered while dealing with the idea of PII in Law. Here are some of the things […]

Understanding section 24 an 25 of Hindu Marriage Act, 1955.

Understanding section 24 an 25 of Hindu Marriage Act, 1955.

This may be by far the most legal prejudice we have posted. But it deliberates upon important aspect of law relating to maintenance of spouse and child during the pendency of trial. We hope you enjoy reading this and god forbid, but if need ever be, you could use this for furtherance of your cause. […]

Rationalizing proliferation with respect to net neutrality

Rationalizing proliferation with respect to net neutrality

Net neutrality is the principle that Internet service providers should enable access to all content and applications regardless of the source, and without favouring or blocking particular products or websites. The principle objective of net neutrality is that “all the Internet traffic has to be treated equally without any discrimination”; but this has had different […]

North Korea’s Nuclear Test (Prejudice)

North Korea’s Nuclear Test (Prejudice)

On Friday, 9th of September North Korea conducted a nuclear test for the fifth time on the country’s National Day. The only difference is that this time it was successful and much more powerful. This had led to outrage all over the world, with many leaders reacting angrily. China opposed the test, with South Korea […]

personal_info.jpg
Lately we have been analysing issues related to management of Personally Identifiable Information (hereinafter PII), in an organizational and business setup. There are a lot of PII issues involved in running a business or organization that are not even considered while dealing with the idea of PII in Law. Here are some of the things that are to be considered by an organization while dealing with issues pertaining to PII:
 
• Level of assessment of PII is important in any organizational setup. Data field and its relevance in PII terms can be used for the same.
 
• Context is to be considered while dealing with PII. Say for instance leakage of Law enforcement data and data with respect to subscribers will have two very different legal and social implications. Accordingly steps have to be taken and protocols designed to deal with crisis.
 
• Individual case to case approach should be taken. Assessing the level of PII loss and contextual implications of the same differ on a case to case basis.
 
• Either there is release of information by the organization itself or there is a leakage of information. In both the cases modifying method of usage and kind of information to be release can be determined by some methods such as context if usage, data field sensitivity, identifiability, quantity of PII, obligation to protect confidentiality and access to and location of PII.
 
• De-identification algorithms, controlling Access to information, separation of duties, remote access etc. can be used to secure PII.
 
• How to calculate losses due to leakage or release of PII? – depends on multiple factors and basically on context. Harm caused is to be measured on three thresholds i.e. Low, Medium or High?
 
This is a very basic introduction to the various aspects of our research in this field. For more, keep following us!
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: