Skip to main content

The Information Privacy and Security group at the IBM Haifa Research Lab are studying the practical implementation of the principles of Privacy by Design. The purpose of the work is to develop tools and methodologies to assist the development of applications and services that deal with data of a private and/or sensitive nature. We plan to develop the tools and methodologies by working with several groups that build solutions and together build privacy impact assessments, including a series of detailed recommendations for applying the principles of Privacy by Design in the development process. The recommendations will cover the full lifecycle of the product or service, from design to implementation, runtime processes, security incident management, data preservation, and data destruction. The recommendations will be the baseline for tools development that will aid other application designers to implement a Privacy by Design in their solutions. We make use of the Privacy Self-Assessment Tool and the Data Incident Management Tool developed by the IBM Privacy Officer, as well as the expertise gained from engagements with health care and medical records management.