1.2: Accountability; 1.3: Beyond Law and Compliance; 1.4: Why does an org need a privacy program (Flashcards)
Accountable orgs…
*Have the proper policies and procedures to promote best practices in handling personal information and can generally demonstrate that they have the capacity to comply with applicable privacy laws
*Promote trust and transparency to provide individuals with confidence in their abilities to protect personal information and respect data rights
*Must be able to show/prove their actions
Accountability means…
*Taking ownership of the actions an org does / does not take to protect personal data.
*Can provide flexibility about how the org complies with obligations
*Documenting any deviations and actions taken for failures in complying with data protection policies
Consumer trust…
*Is hard to obtain and harder to get back once lost
*Loss of consumer trust can have severe repercussions / be ruinous
Why a privacy program?
*Show the company is reputable
*Enhance brand and public trust
*Meet regulatory obligations
*Encourage ethical data-processing practices
*Enable global operations
*Prevent and mitigate effects of data breaches
*Competitive differentiator
*Increase value and quality of data for the business
*Reduce risk of lawsuits
*Be a good corporate citizen
*Meet customer expectations
*Integrate data ethics into decision making
Trust
Being transparent, accountable and a good data steward of personal information shows that an org is trustworthy and of the information entrusted to them