Assess the privacy risks of your company’s EPC/RFID implementations

Free, easy-to-use assessment tool now available for download.

If your company has products or services built upon Radio Frequency Identification (RFID) technology and/or Electronic Product Code (EPC) standards, then you are certainly already concerned about protecting the privacy of your users and increasing your customers’ confidence that their data is confidential.

These are the same motivations behind a Recommendation made by the European Commission encouraging “all RFID operators” to conduct a privacy impact assessment on applications at least six weeks before their deployment.

To help that become possible as well as quick and easy, GS1, the not-for-profit global standards organisation, has created a Privacy Impact Assessment (PIA) Tool which companies can use to perform analyses and risk assessments on their EPC/RFID implementations.

The GS1 PIA Tool helps companies — whether multinational corporations or small- and medium-sized enterprises (SMEs) — identify any potential privacy risks and determine the steps to take to address them.

With the tool, you can rapidly perform a comprehensive assessment of privacy risks of any new EPC/RFID implementation within your company. You can also use it to identify privacy controls to be built in at the early stages of the specification or development process.

The GS1 Privacy Impact Assessment Tool also allows companies to comply with the European Commission’s RFID Recommendation and best practices on privacy and data protection, including the EPC Privacy Guidelines.

The tool was developed in collaboration with GS1 Member Companies and GS1 Member Organisations. It is flexible enough to allow broad usability by organisations in different business sectors and of different sizes.

Use of the tool is not limited to companies in the European Union. In fact, GS1 encourages conducting assessments as a best practice, no matter where your company is based. A range of non-European companies — including Walmart, Procter & Gamble and Checkpoint Systems — have already announced they will be using the tool for their new applications.

Get started right away!

Download the GS1 EPC/RFID Privacy Impact Assessment Tool. It is available free of charge.

Then simply perform the assessment with the help of your privacy officer or legal department, at least 6 weeks before deployment of your RFID application. Once finalized, results should be made available to the competent data protection authority in your country.

Questions? Interested in learning more?

• Consult our Frequently Asked Questions (FAQ)
• Download a leaflet about the GS1 EPC/RFID Privacy Impact Assessment Tool
• Get answers and support from your local GS1 Member Organisation: http://www.gs1.org/contact
• Send an email to PIA@GS1.org

International RFID Congress 2011: 4th-5th October, Lille (France)

1 September 2011 - The use of RFID in the world of retailing is gaining pace in the United States as well as in Germany and France. On 4 and 5 October 2011, GS1 is joining with the CNRFID, CITC and PICOM in Lille to hold the second edition of the International RFID Congress that is focusing on the retail industry.

These two days provide an opportunity to learn about and consider feedback from the roll-out of RFID in the retail sector as well as its current prospects. The optimization of the availability of products on the shelf, supply management, and stopping theft are some of the topics discussed. Demonstration spaces will also enable participants to see how these various issues are dealt with concretely.

For more information and to register visit http://www.rfid-congress.com/index.php

RETAIL - Group to food retailers: Use consumer-tracking data for recall alerts

A consumer group is urging supermarkets to use programs that track customers' buying habits to alert people who have bought tainted food. Some retailers, such as Wegmans and Price Chopper, already are doing that. A Costco official said, "When an item goes through a recall, we can pull that item number and generate a telephone or address list very quickly."
read more on "Washington Post"