BIP 0002:2003 - Guidelines for the use of personal data in system testing – BSI British Standards
BSI Shop and standards catalogue is undergoing routine maintenance between 17:00 and 21:00 BST on Wednesday 22 October and will be unavailable during this time. Please accept our apologies for any inconvenience caused during this essential maintenance work and come back later and try again. Thank you for your patience.

Find Similar Items

This product falls into the following categories.

You may find similar items within these categories by selecting from the choices below:

Result Types

Subject

Industry Sector

ICS Category

BIP 0002:2003

Guidelines for the use of personal data in system testing

Status : Withdrawn   Published : September 2003 Replaced By : BIP 0002

WITHDRAWN TITLE

New edition  – order your copy now

Data Protection: Guidelines for the use of personal data in system testing (2nd Edition)
Louise Wiseman and Jenny Gordon

In an area where few documented processes exist, this book provides guidelines to the use of live personal data in system testing, in compliance with the Data Protection Act 1998 (DPA).

The book is essential reading for anyone using personal data in systems testing. It can also help companies to see how testing might fit with the Personal Information Management System (PIMS), described in BS 10012.

Guidelines for the use of personal data in system testing provides guidelines on the use of live personal data in system testing in compliance with the Data Protection Act 1998 (DPA). Organizations have a legal obligation to respect the rights of individuals to confidentiality and privacy.

With new developments in business and information technology personal data is increasingly easy to obtain and there are many new possibilities for its use. Systems’ Testing is required to maximize the benefits of technology while reducing the risk of breaches of security and loss or destruction of data. This book shows how compliance with the DPA need not be overly complex or expensive. By effective use of risk assessment techniques an organization can take a realistic view of the dangers while at the same time ensuring they comply with the law.

The book does not cover the use of fictitious, scrambled or anonymized data. For organizations that don't use live data for testing, additional guidance would be required.

Contents of 'Guidelines for the use of personal data in system testing' include:

  • Personal data in the e-commerce environment
  • Processing under the Data Protection Act 1998
  • The importance of system testing
  • The Information Commissioner’s view
  • Key risks in system testing
  • System testing – purpose or subsidiary function?
  • Alternative test groups
  • Duty of confidentiality
  • Matching and cleansing data
  • Accuracy and limiting the data
  • Retention and disposal
  • Rights of individuals
  • Security - Use of BS 7799 in system testing
  • Physical protection of the system
  • Use of technical measures in the test environment
  • System testing by third parties
  • Financial environments: The use of dummy or test accounts.
  • Disaster recovery
  • International data transfer
  • Appendices - Example forms and blank templates
            - Factors to consider in approaching a system testing strategy
            - Data classification table
            - Data justification table
            - Risk analysis – identification of key risks and handling strategies.

Standard for data protection

BS 10012. Specification for the management of personal information in compliance with the Data Protection Act 1998

A new standard for data protection is due to publish later in 2009. For more information and to register your interest, visit www.bsigroup.com/bs10012


 




Standard NumberBIP 0002:2003
TitleGuidelines for the use of personal data in system testing
StatusWithdrawn
Publication Date22 September 2003
Withdrawn Date01 July 2009
Replaced ByBIP 0002
DescriptorsData security, Data, Information, Data processing, Data handling, Data transfer, Legal documents, Legal liability, Legal procedures, Legislation, Law, Consumer protection, Access control (data), Data integrity, Consumer-supplier relations, Quality control IT and Information Management: Data Protection
ICS01.140.30
03.160
CommitteeBDD/7/-/1
ISBN0 580 42472 3
PublisherBSI
FormatA4
DeliveryYes
Pages42
File Size497.5 KB
Price£75.00


WITHDRAWN TITLE
 Your basket
Your basket is empty

BSI Membership

Up to 50% off standards and conferences


Newsletters

Monthly industry and standards news


BSOL

Standards direct to your desktop


Customers who bought this product also bought