201403 Dec

Asian Accountability-Compliance Study Recognizes the Nymity Privacy Management Accountability Framework™

VANCOUVER, Dec. 3, 2014 /CNW/ - Nymity, speaking at the 42nd APPA Forum, commits to making recommended changes to Nymity's Accountability Framework contained in a recent study entitled, "Privacy Accountability Management Framework for Data Controllers Operating across Asia". While speaking on accountability metrics, Terry McQuay, Nymity's President and Founder, introduced the Asian accountability-compliance study and announced that although Nymity was not involved in the research, Nymity will take action based on the recommendations.

Henry Chang, the study's author, set out to answer this question: "If a data controller is to implement accountability, which accountability framework, with or without modifications, can be practically deployed by data controllers operating across Asian jurisdictions?"

The study, which examined six privacy accountability frameworks available in the public domain, selected the Nymity Accountability Framework as the most creditable, practical, and relevant framework to address the data protection laws of nine Asian jurisdictions. According to the study, "The criteria to select the appropriate framework to adopt and build on have to be (1) proven/authoritative, (2) practical and (3) cross-jurisdictional. So far the studies of all the frameworks available from DPAs [Data Protection Authorities] and third-parties suggest that only the Nymity Framework is the closest one to meet these criteria."

Based on analysis in the study, "the most interesting feature of the Nymity Framework which sets it apart from other framework is that apart from listing 13 processes on how to implement a PMP [Privacy Management Programme], it also proposes 153 practical and specific regulatory activities to be monitored/tracked by data controllers."

"Nine pieces of relevant Asian data protection laws were selected and meticulously analysed to confirm that the 13 Nymity Framework Processes indeed can cover, at a high level, these data protection laws" and "The use of the all-inclusive Nymity Framework becomes an obvious, one-stop-shop choice that is likely to be more readily acceptable and recognised by regulators." The nine data protection laws selected and analyzed in the study are as follows:

Hong Kong
The Republic of Korea
The Philippines
Personal Data (Privacy) Ordinance
Personal Data Protection Law
Act on Protection of Personal Information
Personal Data Protection Law
Personal Data Protection Act 2010
Law on Protection of Consumers’ Rights
Personal Information Protection Act
Data Privacy Act of 2012
Personal Data Protection Act 2012
Year of Enactment
1995, 2012
1995, 2010

According to the study, "The inclusion of regulatory activities in the Nymity Framework makes it most appealing to practitioners who are interested in using practical tools that require little or no further development or judgement calls. This end-to-end "concept-to-checklist" approach makes the Nymity Framework a unique framework among all the available ones studied."

Terry McQuay, President and Founder, Nymity Inc. speaking at the APPA Forum said, "We are absolutely flattered at the recognition as we had no knowledge that this study was being conducted. We are proud that we have been successful at creating a global privacy accountability framework, accessible to the broader global privacy community. Based on the feedback provided in the study, we have modified the Nymity Privacy Management Accountability Framework to ensure 100% coverage for compliance. We are thankful to be included in this study and for the feedback that has been provided."

A downloadable copy of the study is available at www.nymity.com/asian-accountability-study or on the Social Science Research Network at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2523755.

Nymity welcomes feedback and participation in its ongoing research at research@nymity.com.

About Nymity
Nymity is a global research company specializing in accountability, risk, and compliance software solutions for the Privacy Office, including Nymity Attestor™ which enables organizations to demonstrate compliance on-demand. Nymity's suite of software solutions helps organizations attain, maintain, and demonstrate data privacy compliance. Nymity's free research and privacy management tools are made available to support the broader global privacy community. Organizations all over the world rely on Nymity's software solutions to proactively and efficiently manage their privacy programs — empowering them to comply with confidence.

© 2002-2018 Nymity Inc. All Rights Reserved