- review links
- Microsoft: Privacy in the Cloud
- Privacy Issues Darken Cloud Computing Plans
- UK:CIO Code of Practice on Privacy Impact Assessments (PIA)
- IRS PIA Model
1. Review both the PIA Code of Practice from the UK:CIO and the IRS PIA Model. Both are good examples of generic questions that should be part of a Privacy Impact Assessment (PIA). The IRS example site has additional examples of PIA documents. Using the links above as a starting place, create your own minimum 2 page PIA for Cloud Computing template with questions that might be used as a prototype for any type of organization. Include at least two additional sources for PIA information, templates, or guidance.This assignment should be a minimum of two pages in length
2. With the recent NSA leaks, numerous foreign governments are making statements like the following, “The Canadian provinces of British Columbia and Nova Scotia have already forbidden any government data from being stored or processed by providers located in the United States.” They go on to state that incidents involving other countries depict the same reluctance to use US CSPs. you should research similar rules in other countries (especially the European Union).
In your posting, include answers to all of the following questions:
- What are the rules for other countries in regard to personal data security in cloud computing?
- Why do they have these rules?
- Do you believe they may be changed over time?
- What are some basic differences in the privacy rules among the US, Asia and Europe?
- How can these rules be enforced when many cloud providers use data centers spread throughout the world?
- In your opinion, will there eventually be one standard for personal data privacy? Or are the differences too culturally embedded to overcome?