“All in all, the privacy risk can be defined as the possibility of an unwanted or unexpected consequence from the perspective of the individual, causing any level of harm or nuisance to her, resulting from the loss of either confidentiality, integrity or availability (information security issues) of her personal data or from insufficient level of predictability, manageability or disassociability (failure to meet privacy engineering objectives) in relation to her personal data. Such risk needs to be measured for likelihood and severity.”
- In order to manage privacy risk it first needs to be identified.
- Secondly, risk needs to be assessed (e.g Date Protection Impact Assessment).
- Once the risk is identified and assessed, it has to be mitigated with appropriate privacy and security controls.
- Afterwards, the risk needs to be constantly monitored, throughout the life-cycle of the process and system and until the data are securely erased.
- All these efforts and cycles need to be documented and backed by sufficient metrics.