Privacy Protection in Databanks: Principles and Costs.
A discussion of the principles and costs involved in designing, implementing, and operating protective systems in personal information databanks. All databank systems containing identifiable, personal information require adequate procedural and technical means for safeguarding the data subjects' rights; maintaining confidentiality; preserving data integrity; providing security against unauthorized access and modification; and assuring compliance with the protection requirements. Design of a protection system depends on the purpose and functions of the databank system, the personal information stored and processed, statutory requirements, and the structure and capabilities of the computer system associated with the databank. Costs of designing, implementing, and operating protective systems can be substantial, and access controls, encryption techniques, and maintenance of transaction logs will increase file processing time. However, while the level of protection needed will vary, sensitive information in online, shared, and integrated systems will probably require all the known protective features, and more. 21 pp. Ref.