Organizations establish and disclose privacy policies outlining their approach to handling PII. These usually entail:

  • Statement of the organization’s commitment to privacy.
  • The type of information the organization would collect. This could include names, addresses, credit card numbers, phone numbers, etc.
  • Retaining and using e-mail correspondence.
  • Information gathered through cookies and Web server logs and how that information is used.
  • How information is shared with affiliates and strategic partners.
  • Mechanisms to secure information transmissions, such as encryption and digital signatures.
  • Mechanisms to protect PII stored by the organization.
  • Procedures for review of the organization’s compliance with the privacy policy.
  • Evaluation of information protection practices.
  • Means for the user to access and correct PII held by the organization.
  • Rules for disclosing PII to outside parties.
  • Providing PII that is legally required.
