SRC Academy
Expert speakers will provide information at deep technical level for current issues in IT security.
- Specialist seminars
- In-house seminars
- 24.04. - 26-04. 2012: QSA Auditierung nach PCI DSS (German)
Design, implementation and operation of secure transaction and information systems for national and international clients.
Know-how transfer in the context of individual seminars.
Privacy Impact Assessment, e.g. for contactless applications
Applications based on contactless data transmission such as NFC, RFID are currently taking an ever-increasing market acceptance. However, the question arises whether the interests of data protection in the realisation of these applications have been considered sufficiently. To clarify this question, a so-called Privacy Impact Assessment, short PIA, is suitable. This is a structured and repeatable analysis of how and what type of personal data are processed in IT systems, programs, initiatives or technologies. The aim is to identify risks for data protection and privacy of persons concerned, the assurance of conformity to relevant statutory and regulatory provisions and the identification of protective measures as well as alternative processes to increase the level of compliance and to minimize possible risks. A PIA is ultimately an assessment of data protection impact and risk.
In April 2011 a framework for carrying out PIAs as part of a deployment of RFID technologies was published at EU level.This PIA framework comes in response to a directive by the EU to safeguard privacy in RFID-based applications and intended to prevent a statutory EU regulation through a restraint of operators of RFID systems. The current version of the PIA-frameworks ("PIA III") was accepted as reasonable by "Article 29 Working Party" (the independent advisory body to the European Commission in matters of data protection).
Although only a standardized framework for PIA of RFID technologies is available at European level, their use is not limited to contactless applications. Privacy Impact Assessments can be used for all applications and products by which personal data are processed.
Are you interested in carrying out a PIA for your applications?
Do you want to know more about what a PIA can contribute, what benefits arise and how to conduct one?
Please contact the data protection experts of SRC: matthias.hauss [at] src-gmbh.de.
Feature Article
Latest News
17.02.2012 | Point to Point Encryption (P2PE)
17.02.2012 | SRC presentation at COSADE Workshop
10.02.2012 | Smart Metering Workshop
To top
Print pageCopyright © SRC Security Research & Consulting GmbH
Graurheindorfer Straße 149a . 53117 Bonn . Telephone: +49(0)228 2806-0 . Telefax: +49(0)228 2806-199 . info[at]src-gmbh.de
- Test and Audit Services
- Introduction
- PCI DSS / PCI PA-DSS / PCI PTS
- Ethical Hacking / Penetration Testing
- Computer Forensics
- Security Audits
- Logical and Physical Security Audits
- On-site security audits
- Security evaluations using Common Criteria
- Testing and Confirmation office
- Security assessments of national and international payment systems
- Test and Quality Assurance
- Consulting
- Reasons for partnering with SRC