This section contains links to Web sites that will help with privacy research.
International Association of Privacy Professionals (IAPP)
The International Association of Privacy Professionals (IAPP) is the result of the recent union of the Privacy Officers Association (POA) and the Association of Corporate Privacy Officers (ACPO). IAPP is the nation’s leading association for privacy and security professionals. It helps its members build and maintain privacy programs while effectively navigating the rapidly changing regulatory and legal environments.
EPIC Online Guide to Practical Privacy Tools
The EPIC Online Guide to Practical Privacy Tools includes links to sites with information on snoop-proof e-mail, anonymous remailers, HTML filters, cookie busters, Web, telnet and disk encryption, and voice and e-mail privacy resources, among other areas.
Cyber Security Tip ST04-008—Benefits of BCC
Although in many situations it may be appropriate to list email recipients in the To: or CC: fields, sometimes using the BCC: field may be the most desirable option. This Alert discusses some of the privacy reasons for using BCC.
Cyber Security Tip ST04-013—Protecting Your Privacy
Before submitting your email address or other personal information online, you need to be sure that the privacy of that information will be protected. This Alert discusses some of the ways you can protect your privacy online.
Privacy On and Off the Internet: What Consumers Want
This study, sponsored by the AICPA and Ernst & Young and conducted for Privacy & American Business, examines consumers' opinions about both online and offline privacy. The full citation is Harris Interactive for Privacy and American Business Privacy Study, Privacy On and Off the Internet: What Consumers Want.
Platform for Privacy Preferences Project (P3P)
The Platform for Privacy Preferences Project (P3P), developed by the World Wide Web Consortium, is emerging as an industry standard providing a simple, automated way for users to gain more control over the use of personal information on Web sites they visit. At its most basic level, P3P is a standardized set of multiple-choice questions, covering all the major aspects of a Web site's privacy policies.
Privacy Impact Assessment Standard
The Accredited Standards Committee X9 has released a standard covering Privacy Impact Assessments, or PIAs. A PIA is a tool for addressing privacy issues in a system under development. The PIA process will provide a proactive means to plan for compliance with applicable laws and regulations governing customer and consumer privacy. The standard is currently under final review with ANSI officials. More information on the PIA standard may be found in this Spring 2004 issue of X9's newsletter.
Enterprise Privacy Authorization Language (EPAL)
This is the Enterprise Privacy Authorization Language (EPAL) technical specification. EPAL is a formal language for writing enterprise privacy policies to govern data handling practices in IT systems according to fine-grained positive and negative authorization rights. It concentrates on the core privacy authorization while abstracting away deployment details such as the data model and user authentication.
A Roadmap For Comprehensive Online Privacy Policy Management
This paper presents a comprehensive architectural framework that supports the privacy policy life-cycle. It identifies the relevant technological and non-technical components required to support this life-cycle and shows the relationships between these components. The framework suggests a detailed roadmap for research to be undertaken before sound privacy solutions may be realized.
GTAG 5: Managing and Auditing Privacy Risks
Posted with permission by The Institute of Internal Auditors, their guide, GTAG 5: Managing and Auditing Privacy Risks, is intended to provide audit practitioners with guidance on the key issues that should be addressed to mitigate privacy risk in the collection, use, retention and disclosure of personal information.
GTAG 9: Identity and Access Management
Posted with permission by The Institute of Internal Auditors, their guide, GTAG 9: Identity and Access Management (IAM), provides guidance to practitioners in their work of developing and implementing IAM strategy.