Beyond The Privacy Policy: New Guidance

more+
less-
more+
less-

On September 5, 2012, the Information and Privacy Commissioner of Ontario (“IPC”) released a new guidance paper, entitled “A Policy is Not Enough: It Must be Reflected in Concrete Practices”. This guidance paper will be particularly useful for organizations seeking preliminary guidance on implementing the “privacy by design” principles developed by Commissioner Cavoukian.

The IPC outlines 7 steps for implementing privacy policies. Sensibly, the Commissioner acknowledges that there are no “one-size-fits-all” approaches for embedding privacy-by-design practices. Nevertheless, Commissioner Cavoukian notes that there are common steps to implementing a course of action. These steps are applicable to organizations of all sizes and complexity.

The following is a brief run-down on the steps and a few comments from my experience...

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Audits, Data Breach, Privacy Policy, Training

Published In: Administrative Agency Updates, Business Organization Updates, General Business Updates, Privacy Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dentons | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »