Posts Tagged ‘privacy principles’
Monday, August 25th, 2014
Many marketing professionals have a common temptation; they want to send as many marketing messages to as many people as possible, and they would love to send it to all folks who have ever been customers or clients of their business, and often times actually want to simply send to everyone whose email address they can obtain in any way.
Privacy professionals make many efforts to guide marketers on what is acceptable and not acceptable. After all, (more…)
Tags:choice, data protection law, FIPs, GAPP, IBM, Information Security, information security risks, infosec, marketing, marketing privacy, midmarket, notice, OECD, PbD, privacy, Privacy by Design, privacy law, privacy principles, privacy professor, privacy risks, privacyprof, Rebecca Herold
Posted in Marketing, privacy | No Comments »
Thursday, July 31st, 2014
What is the difference between security and privacy?
Many of my clients are small and midsized businesses. They often express confusion over what each of these terms (neither of which have a universally-accepted definition) actually means, how they are different, and how they are similar. This is important for business leaders to understand so they can make appropriate decisions within their information security and privacy management programs. Especially in small and midsize businesses, where there may not be a specific position to address either of these important topics. Let’s start with considering at a high level the differences between information security and privacy. (more…)
Tags:data protection law, encryption, FIPs, GAPP, IBM, Information Security, information security risks, infosec, midmarket, OECD, PbD, privacy, Privacy by Design, privacy law, privacy principles, privacy professor, privacy risks, privacyprof, Rebecca Herold
Posted in privacy | No Comments »
Monday, February 16th, 2009
On February 12 the U.S. Federal Trade Commission (FTC), the most actively aggressive oversight agency in the U.S. with regard to enforcing privacy protections, released new behavioral advertising principles…
(more…)
Tags:awareness and training, behaviorial advertising, compliance, FTC, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy principles, privacy training, risk management, security training
Posted in government, Laws & Regulations, Privacy and Compliance | No Comments »
Monday, February 25th, 2008
If you are responsible for information security or privacy at your organization, and your organization does marketing, here is something you need to know about and discuss with your marketing folks. I blogged about this in December.
(more…)
Tags:awareness and training, behavioral advertising, FTC, Information Security, IT compliance, personally identifiable information, PII, policies and procedures, privacy breach, privacy principles, risk management, security awareness, security training
Posted in Privacy and Compliance | No Comments »
Thursday, December 27th, 2007
On December 10 the U.S. Federal Trade Commission (FTC) announced that the FTC commissioners voted unanimously to have principles to govern online behavioral advertising. At the same time they released their proposed principles to guide the development of self-regulation in this area.
(more…)
Tags:awareness and training, behavioral advertising, cookies, FTC, FTC Act, Information Security, IT compliance, policies and procedures, privacy, privacy policy, privacy principles, risk management, security awareness, security training, web bugs
Posted in Laws & Regulations, Privacy and Compliance | No Comments »
Sunday, October 28th, 2007
One of the basic privacy principles is to limit the collection of personally identifiable information (PII) to only that which is necessary for the business purpose for which it is being collected. These privacy principles, built largely around the OECD privacy principles, are the basis for most data protection and privacy laws throughout the world.
(more…)
Tags:awareness and training, ID theft, identity theft, Information Security, IT compliance, OECD, PCI DSS, policies and procedures, privacy, privacy principles, privacy training, risk management, security training, SSN
Posted in Information Security, Privacy and Compliance, Training & awareness | No Comments »