U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Data Security and Data Processing, Volume 3, Part 2 - Study Results - State of Illinois

NCJ Number
89629
Date Published
1974
Length
422 pages
Annotation
This report presents an overview of Project SAFE, an effort by the State of Illinois to ensure privacy in its technological data processing, along with discussions of the elements and economics of information privacy and security, recommended security practices, and a law school syllabus on information technology and the right to privacy.
Abstract
The overview indicates that Project SAFE has taken steps toward ensuring an individual's right to privacy in information systems by (1) demonstrating an acceptable degree of protection for the pilot agency data base, (2) analyzing and documenting security measures and their attendant costs in a complex data center, and (3) assessing the general applicability of this new body of knowledge for government and industry at large. The overview also considers the interdisciplinary approach used, the operating environment, the organizational setting, the information system's environment, project constraints, and project exclusions. Action steps taken to develop better security measures for privacy are also outlined. Elements of security identified and developed included security administration, information privacy and security education, technology requirements and considerations, and legislative considerations. In considering the economics of security, it is advised that to determine the most cost-effective mix of safeguards, the following information must be obtained: the probability of information exposure, the value of the information in the systems, and the types and costs of safeguards available to protect the information. Following a description of a method for determining the best security system, a summary of general conclusions and recommendations is provided. Recommended security practices cover administration, change control, software security measures, terminal access security measures, systems design security measures, physical plant security measures, and contingency planning and backup plans. For related volumes, see NCJ 89626-28, 89630-32, and 89655-60.