Here are the 10 privacy principles outlined in the federal Personal Information Protection & Electronic Documents Act:
> ACCOUNTABILITY. An organization is responsible for personal information under its control, and must make someone accountable for compliance with the following principles.
> IDENTITY PURPOSES. Identify the need for personal information before collecting it.
> CONSENT. Obtain permission from the individual from whom you collect information.
> LIMIT COLLECTION. Limit collection of personal information to what is necessary for the purposes of the organization. Collect information by fair and lawful means.
> DISCLOSURE RETENTION. Use the information only for its original purpose, except with written consent of the person from whom it was collected. Retain only as long as needed.
> ACCURACY. Ensure information is current and accurate.
> SAFEGUARDS. Protect information under lock and key, or with encryption.
> OPENNESS. Make policies and practices available to those from whom you collect information.
> ACCESS. Make information you collect from an individual available to this person on request. Amend for accuracy on request.
> CHALLENGING COMPLIANCE. Establish a system for individuals to challenge your compliance with the above principles.
Ten principles of privacy
- By: Gavin Adamson
- August 29, 2007
- 09:43