Some information that can be affected includes:
- innovative technology, such as artificial intelligence, machine learning or smart technologies
- large-scale profiling of individuals
- biometric data, such as facial recognition systems, workplace access systems or identity verification
- data matching, such as monitoring personal use, uptake of statutory services or benefits
- invisible processing, such as re-use of publicly available data, direct marketing or data aggregation platforms
- targeting children or vulnerable individuals for marketing, profiling or other automated decision-making
- risk of physical harm, such as social care records
Managing risk
You can use the Information risk toolkit to help you assess and manage the risk around handling information. It includes a flow chart to guide you through the process of identifying the information risks for information handling in general and for information assets. There is also guidance to assess the impact of information security incidents.