1. BE ACCOUNTABLE

Your responsibilities

Comply with all 10 of the principles of Schedule 1.

Appoint an individual (or individuals) to be responsible for your organization’s compliance.

Protect all personal information held by your organization or transferred to a third party for processing.

Develop and implement personal information policies and practices.

How to fulfill these responsibilities

Develop a privacy management program. As part of this program:

Give your designated privacy official senior management support and the authority to intervene on privacy issues relating to any of your organization’s operations.

Communicate the name or title of this individual internally and externally (e.g. on websites and in publications).

Analyze and document all personal information handling practices including ongoing activities and new initiatives, using the following checklist to ensure that they meet fair information practices:

o What personal information do we collect and is it sensitive? (Sensitive information may require extra protection)
o Why do we collect it?
o How do we collect it?
o What do we use it for?
o Where do we keep it?
o How is it secured?
o Who has access to or uses it?
o To whom is it disclosed?
o When is it disposed of?

Develop, document and implement policies and procedures to protect personal information:

o define the purposes of its collection
o obtain consent
o limit its collection, use and disclosure
o ensure information is correct, complete and current
o ensure adequate security measures
o develop or update a retention and destruction timetable