As defined in the Generally Accepted Privacy Principles, “privacy” refers to the - PowerPoint Presentation

Presentation on theme: "As defined in the Generally Accepted Privacy Principles, “privacy” refers to the"— Presentation transcript

Slide1

As defined in the Generally Accepted Privacy Principles, “privacy” refers to the rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and destruction of personal information.This pertains to the Privacy of Personal Information, which comes to mind nowadays with the prevalence of on online threats to our privacy and identity.However, in a broader context, there are four aspects to privacy, as explained by the Information Commissioner’s Office (UK): Privacy of Personal Information --- data privacy, as explained abovePrivacy of Personal Communications --- the contents one’s communicationsPrivacy of Personal Behavior --- the observation of what an individual doesPrivacy of the Person --- the integrity of an individual’s body

What is Privacy?

2/15/2013Slide2

People expect their personal information to be safe with you. They trust you not to misuse it, scatter it, lose it, fail to maintain it, or take more than you need.You expect your business confidential information to be safe when you do business.Bad forces are out to steal and perform fraud --- Prepare for a breach in which privacy is jeopardized.Pay attention to the law. Unmanaged privacy risk will cost you money, hurt your reputation, and reduce consumer’s trust in you.Why

Privacy Matters

2/15/2013Slide3

Fair Information Practice Principles (FIPPs)1. Notice/Awareness

Provide a privacy statement – who collects & receives what data how, and for what purpose.

2. Choice/Consent

Obtain consent for secondary use,

opt-in or opt-out,

depending on requirements.3. Access/ParticipationPermit individuals to view data from and about them; to contest the accuracy and possibly the completeness of that data.4. Integrity/SecurityEnsure data quality – accuracy, and possibly completeness.Ensure data security – no data loss or unauthorized destruction, modification, disclosure, use.5. Enforcement/RedressFollow industry self-regulation programs. Ensure compliance with government regulations.

2/15/2013