Building Effective Privacy Programs : Cybersecurity from Principles to Practice

Edwards, Jason/ Weaver, Griffin

John Wiley & Sons Inc（2025/10発売）

• 製本 Hardcover:ハードカバー版／ページ数 480 p.
• 言語 ENG
• 商品コード 9781394342631

Full Description

Presents a structured approach to privacy management, an indispensable resource for safeguarding data in an ever-evolving digital landscape

In today's data-driven world, protecting personal information has become a critical priority for organizations of all sizes. Building Effective Privacy Programs: Cybersecurity from Principles to Practice equips professionals with the tools and knowledge to design, implement, and sustain robust privacy programs. Seamlessly integrating foundational principles, advanced privacy concepts, and actionable strategies, this practical guide serves as a detailed roadmap for navigating the complex landscape of data privacy.

Bridging the gap between theoretical concepts and practical implementation, Building Effective Privacy Programs combines in-depth analysis with practical insights, offering step-by-step instructions on building privacy-by-design frameworks, conducting privacy impact assessments, and managing compliance with global regulations. In-depth chapters feature real-world case studies and examples that illustrate the application of privacy practices in a variety of scenarios, complemented by discussions of emerging trends such as artificial intelligence, blockchain, IoT, and more.

Providing timely and comprehensive coverage of privacy principles, regulatory compliance, and actionable strategies, Building Effective Privacy Programs:

Addresses all essential areas of cyberprivacy, from foundational principles to advanced topics
Presents detailed analysis of major laws, such as GDPR, CCPA, and HIPAA, and their practical implications
Offers strategies to integrate privacy principles into business processes and IT systems
Covers industry-specific applications for healthcare, finance, and technology sectors
Highlights successful privacy program implementations and lessons learned from enforcement actions
Includes glossaries, comparison charts, sample policies, and additional resources for quick reference

Written by seasoned professionals with deep expertise in privacy law, cybersecurity, and data protection, Building Effective Privacy Programs: Cybersecurity from Principles to Practice is a vital reference for privacy officers, legal advisors, IT professionals, and business executives responsible for data governance and regulatory compliance. It is also an excellent textbook for advanced courses in cybersecurity, information systems, business law, and business management.

Contents

Table of contents

Preface

Chapter 1 - Introduction to Privacy   

Definition and Importance of Privacy           

Historical Perspective on Privacy      

Modern Privacy Challenges   

Recommendations     

Chapter Conclusion

Questions       


Chapter 2 - Understanding Personal Data     

Definition and Types of Personal Data         

Sensitive Personal Data         

Data Combinations and Anonymization        

Recommendations     

Chapter Conclusion

Questions

 

Chapter 3 - Data Processing   

Definition and Types of Processing   

Legal Bases for Processing    

Data Processing Principles     

Recommendations     

Chapter Conclusion

Questions

           

 

Chapter 4 - Roles and Relationships  

Data Controller vs. Data Processor    

Sub-Processors           

Data Subjects and Their Rights         

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 5 - Privacy Impact Assessments (PIA)        

Purpose and Benefits of PIA 

Conducting a Privacy Impact Assessment (PIA)      

Importance of Stakeholder Involvement       

PIA Templates and Examples

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 6 - Roles in Privacy Leadership       

Chief Privacy Officer (CPO) 

Chief Information Security Officer (CISO)  

Data Protection Officer (DPO)          

Privacy Champions    

Privacy Engineers      

Recommendations     

Chapter Conclusion

Questions

           

 

Chapter 7 - Data Subject Rights (DSR)         

Data Subject Rights (DSR)    

Handling Data Subject Requests       

DSR Tools and Techniques   

Recommendations     

Chapter Conclusion

Questions

           

 

Chapter 8 - Privacy Frameworks and Standards       

NIST Privacy Framework: Mapping Organizational Practices to the Framework   

ISO/IEC 27701          

Other Notable Frameworks: GDPR, CCPA, PIPL, and LGPD        

Recommendations     

Chapter Conclusion

Questions

 

           

Chapter 9 - Major Privacy Laws and Regulations     

Major Privacy Laws and Regulations

California Consumer Privacy Act (CCPA)   

Health Insurance Portability and Accountability Act (HIPAA)       

Comparative Analysis of Global Regulations           

Recommendations     

Chapter Conclusion

Questions

           

 

Chapter 10 - International Privacy Concerns

Cross-Border Data Transfers

Adequacy Decisions

Binding Corporate Rules and Standard Contractual Clauses

Recommendations

Chapter Conclusion

Questions

 

 

Chapter 11 - Regulatory Enforcement

Role of Data Protection Authorities

International Cooperation Between Authorities

Guidance on Emerging Issues

Enforcement Actions and Penalties

High-Profile Cases and Their Implications

Appeals and Legal Remedies

Case Studies of Regulatory Actions

Recommendations

Chapter Conclusion

Questions

 

 

Chapter 12 - Privacy by Design and Default

Principles of Privacy by Design

Embedding Privacy in Organizational Culture

Lifecycle Management of Personal Data

User-Centric Privacy Controls

Implementing Privacy by Default

Case Studies and Best Practices

Recommendations

Chapter Conclusion

Questions

 

 

Chapter 13 - Privacy Technology and Tools 

Privacy Enhancing Technologies (PETs): Anonymization vs. Pseudonymization   

Data Masking and Encryption           

Privacy Management Software         

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 14 - Data Breach Management        

Identifying and Responding to Data Breaches          

Notification Requirements     

Post-Breach Remediation      

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 15 - Emerging Privacy Trends         

Artificial Intelligence and Privacy     

Internet of Things (IoT) and Privacy 

Blockchain and Privacy         

Recommendations     

Chapter Conclusion

Questions

           

 

Chapter 16 - Privacy Program Implementation         

Establishing a Privacy Governance Structure

Developing Privacy Policies and Procedures

Implementing Privacy Controls and Measures          

Monitoring and Reporting on Privacy Compliance   

Continuous Improvement of the Privacy Program    

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 17 - Privacy Training and Awareness          

Developing Effective Privacy Training Programs     

Engaging Employees in Privacy Awareness 

Training Tools and Resources           

Sample Annual Privacy Training Plan          

Recommendations     

Chapter Conclusion

Questions

 

 

Chapter 18 - Privacy Audits & Assessments 

Privacy Audits and Assessments       

Using Assessment Tools        

Integrating Assessments with Risk Management      

Reporting and Follow-Up Actions    

Recommendations     

Chapter Conclusion

Questions

 

 

Answers

Index