Please enable JavaScript.

Coggle requires JavaScript to display documents.

4-CONTROLS - Coggle Diagram

- - - - geographically, demographically,
        per customer/individual, etc
      - involves data already distributed
    - - physical segregation
      - logical segregation
        (role based access control)
  - - - assessing the need of data according to goals
        and not to preconceived designs of systems
    - - similar to exclude,
        but on an individualized base
    - - removal of unnecessary data
    - - best achieved by setting
        retention periods upfront
  - - - preventing unauthorized access to data
    - - obscuring relationships btw data, that would leak
        from an orderly processing
      - metadata
    - - encryption, different language, hashing
      - preventing understandability of data
    - - removing relations btw data elements
  - - - aggregating data to
        extract correlations
    - - making data less granular
        (e.g. age->age range)
    - - adding noise/approximating data
- - - - context policies & processes
      - control policies (policies dictating
        use of other strategies)
    - - variance policies & processes
    - - organizational-wide
        policies & processes
  - - - logging and reviewing
        data practices
      - for defined processes
    - - for less defined
        processes
    - - analyzing audits and logs
  - - - privacy notice
    - - in case of breach
    - - providing info clearly
        & explaining risks
- - - - pseudo/anonymized data
      - user centric architecture
    - - the more identifiable and centralized the data
        -> + reliance on pb policy