PCPD News • Issue no. 31
Ms Christina Peters
Chief Privacy Officer
IBM Corporation, US
Let me share with you this set of very simple guidelines when developing analytics programmes.
• Design privacy into the programme.
• Know data. Understand where it comes from, and whether there are legal and other restrictions that may apply to its storage and use.
• Consider de-identification / anonymisation. This technique allows organisations to work with big data sets while mitigating privacy concerns, and has been used in many fields, including healthcare.
• Understand how you use your data and how it may affect people. Understand the goal being pursued and its intended and unintended results for individuals.
• Differentiate between diffuse effects on broad populations and individually targeted effects. The latter, in particular, requires thoughtful focus.
• Be transparent. Tell individuals what you are doing, why you are doing it and what the benefits are.
• Secure and safeguard your systems. Appropriately secure your data and systems, and adjust that security over time as needed.
• Build in accountability and oversight. Establish appropriate governance structures and practices.
Ms Kimberly Gray
Chief Privacy Officer, Global,
IMS Health, US
Transparency is absolutely important. But sometimes it is not enough just to be transparent and accountable. We need a third factor – the ethical factor. And ask yourself the following questions:
• What are the proposed purposes of our data use and of sharing it?
• Does it have the risk of causing foreseeable harm?
• Who are the stakeholders and who benefits?
• Can comparable outcomes be achieved with fewer risks to individuals?
• What is the perception (by the public, by legislators, by regulators, etc.)?