In this chapter, we consider requirements for Privacy Impact Assessments (PIAs) carried out within a cloud computing environment and explain how a PIA support tool may be constructed. Privacy is an important consideration in cloud compu-ting, as actual or perceived privacy weaknesses will impact legal compliance, data security, and user trust. A PIA is a systematic process for evaluating the possible future effects that a particular activity or proposal may have on an individual’s privacy. It focuses on understanding the system, initiative or scheme, identifying and mitigating adverse privacy impacts and informing decision makers who must decide whether the project should proceed and in what form. A PIA, as a proactive business process, is thus properly distinguished from reactive processes, such as privacy issue analysis, privacy audits and privacy law compliance checking, applied to existing systems to ensure their continuing conformity with internal rules and external requirements.
|Translated title of the contribution||A Privacy Impact Assessment Tool for Cloud Computing|
|Title of host publication||Privacy and Security for Cloud Computing|
|Editors||Pearson S., G Yee|
|Number of pages||50|
|Publication status||Published - 2012|