Difference between revisions of "Glossary"
(→P) |
(→S) |
||
| (14 intermediate revisions by 3 users not shown) | |||
| Line 2: | Line 2: | ||
== A == | == A == | ||
| + | * ''AC'': see Actions | ||
| + | * ''AR'': see Access Requests. | ||
* ''Access Request'': a record which allows to manage the lifecycle of a request to access information on how ''personal data'' are managed by a data subject. A specific workflow in Privacy-Now® supports the lifecycle of ''access requests'' (see [[Access Requests]]). | * ''Access Request'': a record which allows to manage the lifecycle of a request to access information on how ''personal data'' are managed by a data subject. A specific workflow in Privacy-Now® supports the lifecycle of ''access requests'' (see [[Access Requests]]). | ||
* ''Action'': any activity performed by the ''organization'' in order to manage any other process supported by Privacy Now® (i.e. access requests, audits, consents, data breaches, issues, non conformities, privacy impact assessments, records of processing activities). Privacy Now® allows to record and support the lifecycle of ''actions'' with a specific workflow (see [[Actions]]). | * ''Action'': any activity performed by the ''organization'' in order to manage any other process supported by Privacy Now® (i.e. access requests, audits, consents, data breaches, issues, non conformities, privacy impact assessments, records of processing activities). Privacy Now® allows to record and support the lifecycle of ''actions'' with a specific workflow (see [[Actions]]). | ||
| + | * ''AU'': see Audit. | ||
* ''Audit'': an inspection, either made by internal, external or independent resources (see ''auditors'') aimed at checking the status of ''personal data'' management system and activities. Privacy Now® supports audit activities with a specific workflow (see [[Audits]]). | * ''Audit'': an inspection, either made by internal, external or independent resources (see ''auditors'') aimed at checking the status of ''personal data'' management system and activities. Privacy Now® supports audit activities with a specific workflow (see [[Audits]]). | ||
* ''Auditor'': any resource, internal or external of an organization with auditing responsibilities on ''personal data'' management. | * ''Auditor'': any resource, internal or external of an organization with auditing responsibilities on ''personal data'' management. | ||
| Line 11: | Line 14: | ||
== C == | == C == | ||
| + | *''CO'': see Consents. | ||
*''Consent'': the authorization (or denial) to manage ''personal data'' given by a ''data subject''. In Privacy-Now® ''consents'' lifecycle is supported by the consent management workflow (see [[Consents]] for more information). | *''Consent'': the authorization (or denial) to manage ''personal data'' given by a ''data subject''. In Privacy-Now® ''consents'' lifecycle is supported by the consent management workflow (see [[Consents]] for more information). | ||
== D == | == D == | ||
* ''Dashboard'': an information management tool that visually tracks, analyzes and displays key performance indicators (KPI), metrics and key data points to monitor the health of ''privacy management processes''. | * ''Dashboard'': an information management tool that visually tracks, analyzes and displays key performance indicators (KPI), metrics and key data points to monitor the health of ''privacy management processes''. | ||
| + | * ''DB'': see Data Breaches. | ||
* ''Data breach'': a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. | * ''Data breach'': a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. | ||
* ''Data controller'': means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. | * ''Data controller'': means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. | ||
| − | * ''Data | + | * ''Data processor'': means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. |
* ''Data Protection Impact Assessment'': an assessment designed to help an organization to assess the risks associated with data processing activities that could compromise the rights and freedoms of individuals. In Privacy-Now® ''data protection impact assessments'' are managed using the ''privacy impact assessment'' workflow (see [[Privacy Impact Assessments]]). | * ''Data Protection Impact Assessment'': an assessment designed to help an organization to assess the risks associated with data processing activities that could compromise the rights and freedoms of individuals. In Privacy-Now® ''data protection impact assessments'' are managed using the ''privacy impact assessment'' workflow (see [[Privacy Impact Assessments]]). | ||
* ''Data Protection Officer'': a data protection officer is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. | * ''Data Protection Officer'': a data protection officer is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. | ||
| − | * ''Data | + | * ''Data subject'': a ''natural person'' whose personal data are managed by the ''organization''. |
| + | * ''DPA'': abbreviation for Data Processing Activity. | ||
| + | * ''DPA Owner'': the person in charge of managing one or more data processing activity records. This person has the privileges to change the content and status of the record. | ||
* ''DPIA'': see ''data protection impact assessment''. | * ''DPIA'': see ''data protection impact assessment''. | ||
* ''DPO'': see ''Data Protection Officer''. | * ''DPO'': see ''Data Protection Officer''. | ||
| Line 37: | Line 44: | ||
== I == | == I == | ||
| + | * ''INC'': see Issues & Non Conformities. | ||
* ''Issue'': an important topic or problem for debate or discussion related to ''personal data management''. A specific workflow in Privacy-Now® supports the lifecycle of ''issues'' (See [[Issues & Non Conformities]]). | * ''Issue'': an important topic or problem for debate or discussion related to ''personal data management''. A specific workflow in Privacy-Now® supports the lifecycle of ''issues'' (See [[Issues & Non Conformities]]). | ||
| Line 56: | Line 64: | ||
== P == | == P == | ||
| + | * ''PA'': see Processing Activities. | ||
* ''Personal data'': it means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. | * ''Personal data'': it means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. | ||
* ''Personal data breach'': see ''data breach''. | * ''Personal data breach'': see ''data breach''. | ||
| Line 67: | Line 76: | ||
== R == | == R == | ||
| − | + | * ''RI'': see Risks. | |
| + | * ''Risks'': TBD | ||
| + | * ''Risks Analysis'': TBD | ||
== S == | == S == | ||
| − | * ''Save & Next'': basic function of the system that enable the ''User'' to save the | + | * ''Save & Next'': basic function of the system that enable the ''User'' to save the record information and move the record status to the Next one. If more than one status is possible the ''User'' has to select the final status to be reach. |
* ''Settings'': settings which can be updated for Privacy Now® service. | * ''Settings'': settings which can be updated for Privacy Now® service. | ||
== T == | == T == | ||
| − | + | * ''Treats'': TBD | |
== U == | == U == | ||
| Line 81: | Line 92: | ||
== V == | == V == | ||
| − | * ''View'': | + | * ''View'': a list of records concerning a specific ''privacy management process''. It is possible to access to ''views'' from the left menu of the application. See also [[How To]] for more information on how to use ''views''. |
| + | * ''Vulnerability'': TBD | ||
== X == | == X == | ||
Latest revision as of 13:20, 18 February 2019
Below is a list of terms and definitions used in this documentation.
Contents
A
- AC: see Actions
- AR: see Access Requests.
- Access Request: a record which allows to manage the lifecycle of a request to access information on how personal data are managed by a data subject. A specific workflow in Privacy-Now® supports the lifecycle of access requests (see Access Requests).
- Action: any activity performed by the organization in order to manage any other process supported by Privacy Now® (i.e. access requests, audits, consents, data breaches, issues, non conformities, privacy impact assessments, records of processing activities). Privacy Now® allows to record and support the lifecycle of actions with a specific workflow (see Actions).
- AU: see Audit.
- Audit: an inspection, either made by internal, external or independent resources (see auditors) aimed at checking the status of personal data management system and activities. Privacy Now® supports audit activities with a specific workflow (see Audits).
- Auditor: any resource, internal or external of an organization with auditing responsibilities on personal data management.
B
C
- CO: see Consents.
- Consent: the authorization (or denial) to manage personal data given by a data subject. In Privacy-Now® consents lifecycle is supported by the consent management workflow (see Consents for more information).
D
- Dashboard: an information management tool that visually tracks, analyzes and displays key performance indicators (KPI), metrics and key data points to monitor the health of privacy management processes.
- DB: see Data Breaches.
- Data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
- Data controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- Data processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- Data Protection Impact Assessment: an assessment designed to help an organization to assess the risks associated with data processing activities that could compromise the rights and freedoms of individuals. In Privacy-Now® data protection impact assessments are managed using the privacy impact assessment workflow (see Privacy Impact Assessments).
- Data Protection Officer: a data protection officer is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
- Data subject: a natural person whose personal data are managed by the organization.
- DPA: abbreviation for Data Processing Activity.
- DPA Owner: the person in charge of managing one or more data processing activity records. This person has the privileges to change the content and status of the record.
- DPIA: see data protection impact assessment.
- DPO: see Data Protection Officer.
E
F
G
- Group: a set of people which can be assigned to a profile to grant specific privileges to manage a process (e.g. Actions management). See Users & Groups for more information on how to manage groups.
H
I
- INC: see Issues & Non Conformities.
- Issue: an important topic or problem for debate or discussion related to personal data management. A specific workflow in Privacy-Now® supports the lifecycle of issues (See Issues & Non Conformities).
K
- Knowledge item: a piece of information or a knowledge record concerning the protection of personal data. Knowledge items can be added and managed by the users but some are by the team of Privacy-Now® and cannot be edited by the users.
- Knowledge portal: a functionality of Privacy-Now® which presents knowledge items organized in categories. In the portal, knowledge items are visible to the members of the group they are published to.
L
- Login: TBC
M
N
- Non conformity: a deviation from the agreed policies and/or personal data management processes and procedures. A specific workflow in Privacy-Now® supports the lifecycle of non conformities (See Issues & Non Conformities).
O
- Organization: the organisation using Privacy Now® to manage data subjects' personal data.
P
- PA: see Processing Activities.
- Personal data: it means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Personal data breach: see data breach.
- PIA: see Privacy Impact Assessment.
- Privacy Impact Assessment: a systematic process which identifies and evaluates from the perspectives of all stakeholders the potential effects on privacy of a project, initiative or proposed system or scheme and which includes a search for ways to avoid or mitigate negative privacy impacts. In Privacy-Now®, privacy impact assessment are focused to assess the impact on processing activities (see data protection impact assessment).
- Privacy management processes: the processes and corresponding workflows automated by Privacy-Now® and aimed to support effective and efficient personal data management to achieve compliance against policies and regulations.
- Processing activities: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Privacy Now® supports processing activities lifecycle with a specific workflow (see Processing Activities).
Q
R
- RI: see Risks.
- Risks: TBD
- Risks Analysis: TBD
S
- Save & Next: basic function of the system that enable the User to save the record information and move the record status to the Next one. If more than one status is possible the User has to select the final status to be reach.
- Settings: settings which can be updated for Privacy Now® service.
T
- Treats: TBD
U
- User: users of Privacy Now®.
V
- View: a list of records concerning a specific privacy management process. It is possible to access to views from the left menu of the application. See also How To for more information on how to use views.
- Vulnerability: TBD
