The GS1 EPC/RFID Privacy Impact Assessment Tool is for large corporations and small and medium enterprises (SMEs) who are implementing an EPC/RFID application. It allows you to:
This will ensure that companies protect their customers' privacy and increase customer confidence in the RFID technology.
An RFID Privacy Impact Assessment helps companies to assess the privacy risks - and identify the measures to be taken to address them - before a new RFID application is introduced onto the market.
When implementing an RFID application within your company, you may be collecting personal information about your customers. It is important to ensure that you protect the privacy of your customers with regards to that data.
Collecting, processing and storing customer’s personal data should be done in accordance with relevant national and local laws and best practices. For European companies, this includes the EU legal framework.
The European Commission issued a Recommendation in 2009 stating that “all RFID operators” should conduct a PIA on their applications before deploying new applications. The Recommendation suggests very precise steps that should be taken with the ultimate goal to raise consumer acceptance of RFID technology.
These Privacy Impact Assessments should be based on the PIA Framework endorsed by the data protection authorities in the EU Member States and industry in 2011.
To assist its Member Companies in the efficient implementation of the Recommendation, GS1 has developed the GS1 EPC/RFID PIA Tool. The tool is based on the European Commission’s PIA Framework and provides an easy way for companies companies to perform the risk assessment related to the implementation of EPC/RFID technology within their organisations and publish a PIA report.
For complete compatibility of these documents on Apple Macintosh systems the newest versions of Microsoft software will be required.
We would welcome your feedback and suggestions on the GS RFID PIA Tool. Please send them to GS1 Global Office at : firstname.lastname@example.org.
“The GS1 PIA tool is a macro-enabled Excel spreadsheet that is highly flexible. What is most significant is that this tool could serve as the basis for a globally consistent method for performing assessments -- something that is essential in today's interconnected, global economy.” Bert Moore, Association for Identification and Mobility
GS1 provides this EPC/RFID Privacy Impact Assessment (PIA) tool ‘as is’, in order to assist companies to carry out an assessment of their privacy risks and identify corrective measures before implementing a new RFID application. The PIA is a self-evaluation procedure requiring thorough information input by each company using the PIA tool. GS1 hereby disclaims all responsibility for the content and accuracy of the information provided by companies using the PIA tool.