The concept that organizations need to build
privacy directly into technology, systems and practices at the design phase,
thereby ensuring the existence of privacy from the outset. Originating in the
mid-1990s by the Information and Privacy Commissioner of Ontario, the principle
has gained recognition around the globe, including from the U.S. Federal Trade
Commission and the European Commission. Privacy by Design consists of seven foundational principles: (1)
Proactive not Reactive; Preventative not Remedial, (2) Privacy as the Default
Setting, (3) Privacy Embedded into Design, (4) Full Functionality—Positive-Sum,
not Zero-Sum, (5) End-to-End Security—Full Lifecycle Protection, (6) Visibility and Transparency− Keep it
open, (7) Respect for User Privacy−Keep
A statement made to a data subject that describes how the organization collects, uses, retains and discloses personal information. A privacy notice is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy ...
An assessment of an organization’s compliance with its privacy policies and procedures, applicable laws, regulations, service-level agreements, standards adopted by the entity and other contracts. The assessment or audit measures how closely the ...
Privacy (Data Protection) Officer
An official responsible for the coordination and implementation of all privacy, data protection and confidentiality efforts within an organisation. They are generally responsible to Data Protection Authorities (DPAs) or senior management for ensuring ...
EU/US Privacy Shield and Swiss/US Privacy Shield
The EU/US and Swiss/US Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection ...