The IEEE is working on a new series of standards, the P7000 series, looking at data ethics in systems development. P7002, the Data Privacy Process Standard, is looking at how organisations should manage privacy risk at the organisational and systems level. The standard aims to detail the process by which an organisation can identify their privacy requirements, how they use these to develop their organisational privacy framework, how they then characterise their systems, and finally how they develop and manage those systems to meet their privacy requirements.
The project has been running for some time, and whilst Privitar has been involved since the start, in early 2019 Privitar’s Head of Policy took on the role of technical editor, working with the group’s experts to lead the drafting process and run the drafting sub group. We hope the standard will be available in late 2020.