Samples, Tools and Templates    Government

Employee Training Video

This video from Intel aims to encourage employees to put greater importance on data privacy considerations using statistics on consumer trust and outlining how technology is driving the emphasis on protecting privacy protections.

Privacy notices code of practice

This code of practice from the UK Information Commissioner’s Office is designed to help businesses collect and use information appropriately by drafting clear and genuinely informative privacy notices.

Best Practices for Social Media

This paper from the CIO Council addresses various ways the Federal Government can use social media for information sharing, situational awareness, and to support agency operations, and the key considerations for each. The paper also explains privacy best practices for establishing a social media program, from pulling together an intra-agency team of experts to establishing internal social media polices and ensuring transparency of social media uses through published privacy notices and documentation.

The OECD Privacy Framework

This booklet brings together the key components of the OECD privacy framework, along with the supplementary documentation to provide context and explanation. The cornerstone of that framework is the revised Privacy Guidelines, which form Chapter 1.

OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data

These new guidelines constitute the first update of the original 1980 version that served as the first internationally agreed upon set of privacy principles and focus on the practical implementation of privacy protection through an approach grounded in risk management and the need for greater efforts to address the global dimension of privacy through improved interoperability.

Personal Computing Device Access to Company Computing Systems

This sample policy addresses the use of employee-owned personal computing devices to access, with certain limitations, the Company’s computing systems.

Computing Systems Use Acknowledgement

A sample contract between an employee and employer outlining acceptable uses of company owned computing systems and data owned, operated or controlled by the company.

Short Form Notice Code of Conduct To Promote Transparency in Mobile App Practices

This voluntary Code of Conduct for mobile application (app) short notices developed through the Multi-Stakeholder Process on application Transparency convened by the United States Department of Commerce. The purpose of the short form notices is to provide consumers enhanced transparency about the data collection and sharing practices of apps that consumers use.

ACCESS AWARE toolkit for businesses

The UK ICO created this toolkit for businesses as part of its ACCESS AWARE campaign aimed at helping prompt employees to recognize a request for personal information and know how to deal with it. It includes employee awareness posters and a ‘subject access request’ step-by-step guide.

Cloud Computing - A guide to making the right choices

The Privacy Commissioner of New Zealand developed this privacy checklist to help organizations figure out whether their client and staff information will be safe if they switch to cloud services.

CFPB Supervision and Examination Manual (Version 2)

This guide is used by CFPB examiners to oversee companies that provide consumer financial products and services, it describes how the CFPB supervises and examines these providers and gives our examiners direction on how to determine if companies are complying with consumer financial protection laws.

Deleting Personal Data

This guidance from the UK Information Commissioner’s Office explains what organizations need to do to make sure they comply with the Data Protection Act when they archive or delete personal data.

Organizational Privacy Poll

A poll conducted on the IAPP Privacy List asked list subscribers where the data privacy office lies in their organizations and who owns the internal privacy policy within their organizations. This table represents the reponses to those questions.

Data Protection Regulatory Action Policy

This policy from the UK Information Commissioner’s Office outlines what the office will consider when deciding whether to initiate regulatory action. (August 2013)

Law Enforcement & National Security Access to Medical Records

This Center for Democracy & Technology Policy Post explains how government access to identifiable health information is addressed by the PATRIOT Act, the HIPAA Privacy Rule, as well as the statutes and regulations protecting the confidentiality of patient information that is held by federally funded substance abuse treatment facilities and programs.

Page 3 of 5 pages  < 1 2 3 4 5 >