Professional Documents
Culture Documents
Topic 2:
Data Protection
Learning Objectives
T-Mobile admitted losing a storage device holding the records, including names, addresses, phone numbers
and dates of birth, of 17 million German customers
Unencrypted back-up computer tapes from BNY Mellon's Share owner Services unit containing the confidential
details of over 12 million customers was lost by a third party vendor
HSBC lost a computer disc containing the confidential personal details of around 370,000 of its UK life
assurance customers
Communication Privacy
Organizational Privacy
Privacy
Information Privacy
Physical Privacy
Data Privacy
What is Data Privacy?
Data privacy is the relationship between collection and dissemination of data, the public expectation of privacy
and the legal issues surrounding them .
It is protecting corporate and personal customer and employee data under the possession of the organization.
Data Privacy
What is personal Information?
Any identifiable information about the customer held in any format is personal information.
In case of corporate, any information that is not available in the public domain but is shared with ICICI Bank is
treated as personal information
Personal Data
What is personal details??
Name and
Address
Passport
Number
Contact
Details
Personal
Details
National
Insurance
number
Date of Birth
Age, Sex
and ethnicity
Personal Data
What is family lifestyle details??
Marital
Status
Club
Membership
Details
Leisure
activities
Next of Kin
Family
Lifestyle
Details
Travel
Habits
Personal Data
What is financial details?
Income
Insurance
Details
Salary
Financial
Details
Loans
Credit
History
Investments
Bank
Account
Personal Data
Career
History
Recruitment
CV
Employment
Details
Performance
and
Appraisal
Records
Attendance
Record
Sickness
Record
Personal Data
What is sensitive personal
data?
Racial /
Ethnic Origin
Sensitive
Personal
Data
Physical or
Mental
health
Conditions
Religious
Beliefs
Privacy Breach
What is privacy breach?
Any identifiable information about an individual held in any format is personal information. Privacy breach is
unauthorized access or collection, use or disclosure of personal information. Most common causes of privacy
breach are as follows:
Stolen, lost or mistakenly disclosed information
Privacy Breach
What constitutes privacy breach?
The following are few scenarios that could occur in a bank. Can you identify if it constitutes as privacy breach?
Compromise
of Customer
Name
No
Privacy Breach
What constitutes privacy breach?
The following are few scenarios that could occur in a bank. Can you identify if it constitutes as privacy breach?
Compromise
of Customer
Name
Compromise
of Account
Number
Yes
Privacy Breach
What constitutes privacy breach?
The following are few scenarios that could occur in a bank. Can you identify if it constitutes as privacy breach?
Compromise
of Customer
Name
Compromise
of Gender
No
Privacy Breach
What constitutes privacy breach?
The following are few scenarios that could occur in a bank. Can you identify if it constitutes as privacy breach?
Compromise
of Customer
Name
Compromise
of Gender
Compromise
of Age
Yes
Accountability
Identify purpose
Limiting collection
Accuracy
You will learn more about these principles in the next few slides.
Accountability
Identify purpose
The bank should identify the purpose at or before the time of collection
The bank must document why the information is collected
The bank must inform the individual of whom the information is collected
and why the information is needed
You will learn more about these principles in the next few slides.
Consent
Limiting Collection
You will learn more about these principles in the next few slides.
You will learn more about these principles in the next few slides.
You will learn more about these principles in the next few slides.
Loss or theft
Unauthorized access, disclosure, use, copying
Destruction
Personal customer and employee data needs to be stored and treated
with utmost care and security
2.
3.
The following are the security risks of losing customers or employees personal information:
1.
2.
Customer dissatisfaction
3.
01
You have the personal information of a customer on your laptop. You have left your workstation with
your laptop open for few seconds to have a glass of water. Is this a breach of data privacy?
a)
Yes
b)
No
02
You have access to your neighbors account details. You have shared this information with your
family member as you are confident that your family will not disclose this information to others. Is this
a breach of data privacy?
a)
Yes
b)
No
Summary
Here is a recap of what you learnt:
Both, customers and employees personal information is collected by
the bank.
Summary
Here is a recap of what you learnt:
Key privacy principles determines the privacy categories for both
customers and employees