Quick Resources — Module 11

These resources support the organisational and developer-focused topics in Module 11. All are free and maintained by authoritative sources.

---

NIST Privacy Framework The US National Institute of Standards and Technology's voluntary framework for organisations to manage privacy risk — complements the NIST Cybersecurity Framework. Includes a profile tool for assessing current vs. target state. https://www.nist.gov/privacy-framework

ENISA — Data Protection Engineering The European Union Agency for Cybersecurity publishes technical guidelines on implementing privacy by design and data protection engineering, including recommendations on pseudonymisation and anonymisation techniques. https://www.enisa.europa.eu/topics/data-protection

IAPP — DPIA Templates and Guidance The International Association of Privacy Professionals provides templates for Data Protection Impact Assessments (DPIAs), which are a key tool for operationalising Privacy by Design under GDPR Art. 35. https://iapp.org/resources/article/the-dpia-template/

ICO — Accountability and Governance Framework The UK Information Commissioner's Office publishes a practical accountability framework covering documentation requirements, data protection by design, DPIAs, and breach response — one of the most accessible regulatory guides available. https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/

Ann Cavoukian — Privacy by Design: The 7 Foundational Principles The original 2009 paper by Privacy by Design's author, freely available as a PDF from the IPC Ontario website. The authoritative primary source. https://www.ipc.on.ca/wp-content/uploads/Resources/7foundationalprinciples.pdf

---

This module completes the organisational and developer track of the Data Privacy: Rights & Protection course. For practical tools to protect your own data, see Modules 9 and 10.