Samples, Tools and Templates    IT/Data Brokerage

Privacy notices code of practice

This code of practice from the UK Information Commissioner’s Office is designed to help businesses collect and use information appropriately by drafting clear and genuinely informative privacy notices.

Best Practices for Social Media

This paper from the CIO Council addresses various ways the Federal Government can use social media for information sharing, situational awareness, and to support agency operations, and the key considerations for each. The paper also explains privacy best practices for establishing a social media program, from pulling together an intra-agency team of experts to establishing internal social media polices and ensuring transparency of social media uses through published privacy notices and documentation.

The OECD Privacy Framework

This booklet brings together the key components of the OECD privacy framework, along with the supplementary documentation to provide context and explanation. The cornerstone of that framework is the revised Privacy Guidelines, which form Chapter 1.

OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data

These new guidelines constitute the first update of the original 1980 version that served as the first internationally agreed upon set of privacy principles and focus on the practical implementation of privacy protection through an approach grounded in risk management and the need for greater efforts to address the global dimension of privacy through improved interoperability.

Personal Computing Device Access to Company Computing Systems

This sample policy addresses the use of employee-owned personal computing devices to access, with certain limitations, the Company’s computing systems.

Computing Systems Use Acknowledgement

A sample contract between an employee and employer outlining acceptable uses of company owned computing systems and data owned, operated or controlled by the company.

Short Form Notice Code of Conduct To Promote Transparency in Mobile App Practices

This voluntary Code of Conduct for mobile application (app) short notices developed through the Multi-Stakeholder Process on application Transparency convened by the United States Department of Commerce. The purpose of the short form notices is to provide consumers enhanced transparency about the data collection and sharing practices of apps that consumers use.

ACCESS AWARE toolkit for businesses

The UK ICO created this toolkit for businesses as part of its ACCESS AWARE campaign aimed at helping prompt employees to recognize a request for personal information and know how to deal with it. It includes employee awareness posters and a ‘subject access request’ step-by-step guide.

Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business

This step-by-step plan from the FTC helps organizations determine whether they are covered by COPPA—and what to do to comply with the Rule, if so.

Complying with COPPA: Frequently Asked Questions

The following FAQs from the FTC are intended to supplement the compliance materials available on its website. This document serves as a small entity compliance guide and covers general questions about COPPA, enforcement, parental notice and consent and more.

Cloud Computing - A guide to making the right choices

The Privacy Commissioner of New Zealand developed this privacy checklist to help organizations figure out whether their client and staff information will be safe if they switch to cloud services.

Mobile Privacy Disclosures: Building Trust Through Transparency

Based on the FTC’s prior work in mobile privacy, panel discussions and written submissions, this report offers suggestions for the major participants in the mobile ecosystem as they work to improve mobile privacy disclosures.

Best Practices for Companies That Use Facial Recognition Technologies

Drawing on the core principles of its report Protecting Consumer Privacy in an Era of Rapid Change, the FTC released this staff report to help companies using facial recognition technologies protect consumers’ privacy as they use the technologies to create innovative new commercial products and services. It builds upon the discussions at the Face Facts workshop and the comments received thereafter to set forth a series of case studies illustrating recommended best practices for companies using or planning to use facial recognition technologies in their products or services. (2012)

Deleting Personal Data

This guidance from the UK Information Commissioner’s Office explains what organizations need to do to make sure they comply with the Data Protection Act when they archive or delete personal data.

Organizational Privacy Poll

A poll conducted on the IAPP Privacy List asked list subscribers where the data privacy office lies in their organizations and who owns the internal privacy policy within their organizations. This table represents the reponses to those questions.

Page 3 of 10 pages  < 1 2 3 4 5 >  Last ›