This document from the Alberta, British Columbia and federal privacy commissioners lays out in chart format the building blocks that make up a privacy management program.
This “explainer” from the Zero Knowledge Privacy Foundation is aimed at consumers and offers information about company privacy policies, including why companies have policies, how they vary from one to the next, whether companies are required to have privacy policies and how they may change going forward.
This Small-Entity Compliance Guide from the Federal Reserve is intended to help financial institutions comply with the Interagency Guidelines Establishing Information Security Standards (Security Guidelines). The guide summarizes the obligations of financial institutions to protect customer information and illustrates how certain provisions of the Security Guidelines apply to specific situations.
This template from the Newfoundland and Labrador Centre for Health Information is used to evaluate the impact on privacy that results from change to a system, environment, or process. The template is offered in word format for easy customizing.
This form provides a method of communicating the initial known details of a possible information security incident within an organization. The form is offered in word format for easy customizing.
The Information and Privacy Commissioner of Ontario provides a practical guide for implementing the principles of Privacy by Design in the mobile communications industry.
The U.S. Federal Trade Commission released this report setting forth best practices for businesses to protect the privacy of American consumers and give them greater control over the collection and use of their personal data.
In order to bridge differences in approaches to privacy and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed this "safe harbor" framework. This site provides the information organizations need to evaluate and join the U.S.-EU Safe Harbor program.
Created by Nicholas Cramer of AllClear ID, this whitepaper takes a close look at key considerations involved in responding to data breaches of all sizes to help privacy, risk, legal and compliance professionals understand some of the nuances involved in a data breach response.
This IT security guide created by the British Information Commissioner’s Office aims to give small businesses practical advice in the area of IT security.
This guidance published by the CIO Council and the Chief Acquisition Officers Council provides federal agencies guidance in effectively implementing the government’s “Cloud First” policy and moving forward with the Federal Cloud Computing Strategy by focusing on ways to more effectively procure cloud services within existing regulations and laws.
This document created by the Expertise Department of the CNIL is a catalogue of good practices intended to treat risks that the processing of personal data may pose to the civil liberties and privacy of data subjects. It supplements the risk management method of the CNIL, the French data protection authority, with regard to risks to civil liberties and privacy and helps to determine the measures proportionate to the risks identified using this method.
This document created by the Expertise Department of the CNIL describes a method for managing risks that the processing of personal data can generate to individuals. It includes a complete analytical approach for improving the processing personal data.
Issued by the Mobile Marketing Association Privacy & Advocacy Committee in December 2011, this framework provides mobile application developers with policy language that can be “quickly and completely understood by the consumer.”
The CNIL’s recommendations are a practical tool for any customer who wishes to use a cloud computing service. Customers' attention is drawn to the fact that they should choose the service provider after carrying out an analysis of requirements and a risk analysis and after having identified the required security measures given the envisaged type of service.
Page 7 of 11 pages ‹ First < 5 6 7 8 9 > Last ›