Prepare
- Identify information that your device collects, where it comes from, what it is used for, with whom it is shared and for what purposes.
- Conduct a privacy impact assessment to identify privacy risks and consider ways that the risks can be addressed or managed.
- Familiarize yourself with data protection laws in place where the device will be offered.
- Consider whether any other laws could apply to the device or the persons or industries that will be using the device.
- Understand the device’s technical limitations that may impact security.
- Understand the existing threat environment.
Implement
- Limit collection and retention of information to what is reasonable and necessary to operate the device.
- Describe personal information handling practices in a simple and clear manner and obtain consent.
- Ensure that any collection, use or disclosure of personal information for “secondary” purposes (such as marketing or targeting) is optional.
- Implement appropriate security controls, keeping in mind the nature of the device and the information collected, how the information is stored, and the threats identified.
- Engage experts in de-identification of personal information to ensure it is done effectively.
Evaluate
- Regularly review existing security measures and update them in light of changes to the threat environment or industry standards.
- Review privacy policies and consent language regularly and any time a change is made to the device or applicable data protection laws.