Only identify when necessary
1.1 People should not be asked to prove who they are unless it is necessary. A person making a general enquiry about a service should not need to provide any identifying information.
Identify only once
1.3 For services which are used frequently and for which identification is needed, public service organisations should give people a simple way to register once. Thereafter, unless there is a statutory requirement to prove identity, in many cases a person should be able to access the service using a token, such as a bus pass or library card that proves their entitlement without revealing unnecessary personal information. In other circumstances, a user name and a password or elements of a password may be required.
1.7 As far as possible, people should be offered alternative ways to prove identity and / or entitlement.
Adopt privacy and security policies & procedures
2.1 Public service organisations using personal information on behalf of public authorities should adopt clear, coherent and verifiable policies on privacy and security.
2.3 Responsibility and accountability for privacy should be assigned to a named senior management officer who reports to the Board or equivalent.
Facilitate oversight and reporting
2.7 The Scottish Government should work with the ICO to facilitate spot checks and the use of the ICO’s forthcoming inspection powers and should co-operate with existing oversight organisations to include privacy issues in their inspections and reporting.
Carrying out Privacy Impact Assessments (PIAs)
3.1 Public service organisations must carry out an appropriate level of PIA for any new initiative that enables access to services using IT and involves the collection, storage or use of personal information. Public service organisations must also carry out an appropriate level of a PIA if they are changing existing systems in ways which involve collection, storage or use of personal information.
Data and Data Sharing
Acquiring and holding personal information
4.1 Public service organisations must minimise the personal information they hold, only acquire personal information for which they have a defined and specific need and ensure that such personal information is held only as long as is strictly necessary for the purposes for which it has been provided.
Avoid creating centralised databases of personal information
4.2 Organisations should seek to avoid creating large centralised databases of people’s personal information. People’s personal data should not be acquired and aggregated in a single place but maintained in separate data stores relevant to their specific business purpose. Organisations or their employees can still draw together personal information held in more than one place, if there is a business need to do so. That presents a lower risk than aggregating and storing all the personal information in a single place.
Storing personal and transactional data separately
4.3 Public service organisations must as far as possible store information about people’s access to services separately from their personal data, to minimise the risk of data loss and to ensure that even if one set of information is accessed improperly, this does not allow access to a wider range of information about individuals. This may be achieved through the avoidance of centralised databases (see 4.2 above).
4.4 Public service organisations should ensure that personal data is held securely (see 2.1c above), that their employees only have access to the minimum personal information they need and that audit records exist of all accesses to, changes to and uses of that data.
Storing identifying information
4.5 Public service organisations must consider whether identifying information needs to be stored in a database at all. In some cases, it might be preferable for people to hold and manage their own identifying information which can be accessed by the public service organisation when it is needed. This could be achieved, for example, by the information being held on a smartcard and accessed when required through a card reader.
Linking information between systems
4.6 Public service organisations should not share personal information unless it is strictly necessary. If a public service organisation needs to link personal information from different systems and databases, it should avoid sharing persistent identifiers; other mechanisms, such as matching, should be considered. If a public service organisation believes that persistent identifiers should be shared, it must publicly explain why.
Provide easy access to own data
5.7 Public service organisations should provide simple, quick and effective means for individuals to access information held about them. This might include secure electronic access to check and correct the data that is held on them (any such provision would need to be audited and regulated so that the security and accuracy of data is not compromised).
Duty to repair or redress
5.8 Where an individual demonstrates emotional or material harm arising from incorrect or misused personal information held about them, organisations should assume a duty to repair that information and redress the harm as appropriate.
É um documento muito bom vindo de um governo. Espero que a consulta traga melhores idéias e que seja aprovada.