Privacy engineering

Privacy engineering is an emerging field of engineering which aims to provide methodologies, tools, and techniques to ensure systems provide acceptable levels of privacy. Its focus lies in organizing and assessing methods to identify and tackle privacy concerns within the engineering of information systems.^[1]

In the US, an acceptable level of privacy is defined in terms of compliance to the functional and non-functional requirements set out through a privacy policy, which is a contractual artifact displaying the data controlling entities compliance to legislation such as Fair Information Practices, health record security regulation and other privacy laws. In the EU, however, the General Data Protection Regulation (GDPR) sets the requirements that need to be fulfilled. In the rest of the world, the requirements change depending on local implementations of privacy and data protection laws.

^ Gürses, Seda, and Jose M. Del Alamo. "Privacy engineering: Shaping an emerging field of research and practice." IEEE Security & Privacy 14.2 (2016): 40-46.

[1] Gürses, Seda, and Jose M. Del Alamo. "Privacy engineering: Shaping an emerging field of research and practice." IEEE Security & Privacy 14.2 (2016): 40-46.

[1]