Data Protection and Privacy Management Guidelines for Airports
| 项目名称: | Data Protection and Privacy Management Guidelines for Airports |
| 摘要: | Airports are collecting, processing, and using large amounts of data from airport users, including personal identification, medical records (e.g., COVID-19 related), and biometric information. The methods used by airports for these activities are evolving. Airports need to comply with an increasing number of data protection and privacy regulations. An initial review of the websites of several large U.S. airports suggests that few provide any information concerning data privacy. Research is needed to understand current practices, provide guidance for fostering awareness of compliance requirements, and help airports incorporate data privacy management into their operational and business activities. The objectives of this research are to develop guidelines to help airports of all types and sizes to: (a) identify customer data that is subject to protection; (b) implement compliant data protection management practices, policies, and systems; and (c) develop trust and accountability around data privacy practices for their individual customers. For the purpose of this study: (1) Customer data includes, but is not limited to, personal identifiable information (PII) (e.g., medical, biometric, credit card, license plate information); (2) Compliance requirements and cybersecurity considerations should reference documents noted in Special Note A; and (3) Trust includes instilling confidence in the airport’s uses and protections of customer data (e.g., published disclosure statements, transparency and associated customer communication). The guidelines should address the following considerations, but be not limited to: (1) Retention and destruction policies and standards; (2) Compliance with Americans with Disabilities Act (ADA); (3) Parking data/ license plate recognition (LPR); (4) Data regarding customer behaviors and touchpoints and the use of such data; (5) Current practices for managing data protection including contractual language for tenants and vendors; (6) Current practices for customer outreach and communications on data protection and disclosure; (7) Employee and tenant education of data protection and privacy; and (8) Common use airport Information Technology (IT) infrastructure. |
| 状态: | Active |
| 资金: | 350000 |
| 资助组织: | Airport Cooperative Research Program;Federal Aviation Administration |
| 项目负责人: | Schatz, Theresia H |
| 执行机构: | Del Ray Solutions LLC |
| 主要研究人员: | Cusson, Sean |
| 开始时间: | 20220419 |
| 预计完成日期: | 20231018 |
| 主题领域: | Administration and Management;Aviation;Data and Information Technology;Planning and Forecasting;Security and Emergencies;Terminals and Facilities |
相关文献
- Guidance for Improved Data Privacy Management for Airports
- Data Protection and Privacy Implication in Road Safety ; Personvern og trafikk
- Managing Runoff from Aircraft and Airfield Deicing and Anti-Icing Operations
- Legal Aspects of Airport Programs. Topic 12-01. Legal Implications of Data Collection at Airports
- A Guide for Geospatial Data Governance Policies and Procedures
- Impacts of Connected Vehicles and Automated Vehicles on State and Local Transportation Agencies--Task-Order Support. Task 10. Cybersecurity Implications of CV/AV Technologies on State and Local Transportation Agencies
检索历史
应用推荐
