This document was developed serve as a technical guidance for project managers, architects, and technologists, and to provide guidelines for supporting the electronic expression of privacy policy and how to convert privacy policy so that it is understandable to computers and software; it lays out privacy policy technical requirement, industry standards, and implementation guidelines.
This framework document describes approaches and alternatives to resolve technical and interoperability challenges in supporting privacy policy through automation its goal is to identify an approach and framework for protecting privacy that can be generally applicable to information sharing in the justice environment, and that can be easily implemented using existing information technology architectures, standards, and software tools. The document provides the following: a review of basic privacy policy business and technical requirements; industry standards for the privacy policy framework components; implementation guidelines; Global Justice Reference Architecture (JRA) and Policy Services; summary recommendations; and next steps. The appendices include detailed privacy requirements; mapping of technical requirements onto the framework; sample privacy policy analysis; privacy policy metadata elements; assessment of current and emerging technologies relating to privacy; a glossary; and references.