Privacy
Lockstep has led the way in joining privacy to substantive IT and e-security issues.
While most business people appreciate that good privacy compliance requires good information security, many organisations still struggle to identify tangible IT and e-security actions to take in order to protect privacy and the organisation's privacy posture. As with security, privacy is now subject to special technical governance requirements, but there is a grave risk that an overly compliance-oriented approach can be expensive and ineffective. Businesses must be careful they can still 'see the wood for the trees'.
Lockstep understands the detailed implications of privacy on the IT function. We have delivered privacy advice and consulting services to clients including:
- Australia Post
- The Office of the [Federal] Privacy Commissioner
- The Victorian Department of Justice
- The Australian General Practice Network
- NSW Office of ICT.
Privacy Engineering
Lockstep's privacy services include training and Privacy Impact Assessments (PIAs). Yet, a truly unique offering of ours is Privacy Engineering, where we work with clients to fine tune design practices that build privacy in, as opposed to hoping to 'audit it it' later. Privacy Engineering helps to protect customer relations, pro-actively uncovers privacy problems, saves money by solving problems sooner, and enhances compliance.
Advocates for Privacy Enhancing Technologies
As identity technology experts, Lockstep has also led they way in articulating a positive and robust vision for smartcards as Privacy Enhancing Technologies. On this point, Stephen made a detailed submission to the 2005 Senate Inquiry into the Privacy Act, looking closely at smartcards and biometrics.
Track record
Stephen's experience in privacy is summarised in the attached, and his publications on the topic are gathered at the privacy library section. He has made numerous other submissions on privacy to government enquiries; see submissions.
