International Guide to Privacy
American Bar Association, 2004 - 247 pages
A compendium of information to assist organizations in meeting privacy responsibilities and developing a privacy program.
Contents
US Legal Framework | 11 |
2 US Laws and Regulations | 15 |
b Freedom of Information Act | 17 |
c Financial Services Modernization Act of 1999 Gramm-Leach-Bliley Act | 18 |
d Fair Credit Reporting Act | 34 |
e Health Insurance Portability and Accountability Act | 38 |
f Children's Online Privacy Protection Act | 46 |
g Electronic Communications Privacy Act | 50 |
E Conclusion | 130 |
Privacy Programs Plans Policies Procedures | 133 |
1 The Privacy Program | 135 |
2 The Relationship Between Privacy and Security | 136 |
3 The Impact of Laws, Regulations, Principles, Standards, and Guidelines | 138 |
4 The Importance of a Comprehensive Enterprise-Wide Privacy Approach | 139 |
B Development of a Privacy Plan | 141 |
1 Governance Structure | 142 |
h Economic Espionage Act of 1996 | 54 |
i Trade Secrets | 59 |
j Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 | 62 |
3 US Regulatory Action | 63 |
b Federal Communications Commission | 69 |
C Seal Programs | 71 |
1 BBBOnline Privacy Program | 72 |
1 Electronic Surveillance | 73 |
2 Social Security Numbers | 74 |
4 Laws Targeted at Specific Industries | 76 |
5 Reporting | 78 |
E Conclusion | 80 |
International Legal Framework | 81 |
B Multinational Laws, Treaties, and Agreements | 82 |
3 Council of Europe | 87 |
4 European Union | 89 |
b Privacy in Electronic Communications | 102 |
C Other Non-US Countries | 106 |
b Mexico | 110 |
c Argentina | 114 |
d Paraguay | 117 |
2 Asia | 118 |
b People's Republic of China and Hong Kong | 119 |
c India | 120 |
d Japan | 121 |
e Republic of Korea South Korea | 123 |
f Singapore | 124 |
g Australia | 125 |
h New Zealand | 127 |
b Republic of South Africa | 128 |
2 European Union | 129 |
b Cross-Organizational Privacy Team | 148 |
c Personnel | 149 |
3 Legal Considerations and Risk | 152 |
b Jurisdictional Differences | 154 |
c Contracts and Nondisclosure Agreements | 155 |
e Political and Cultural Expectations | 156 |
4 Data Classification | 157 |
C Privacy Policies and Procedures | 160 |
1 Main Policy Elements | 161 |
b External Privacy Policies | 162 |
c Practical Tips for Policies | 164 |
2 Procedures | 165 |
2 Change Management | 166 |
E Conclusion | 168 |
Implementation and Science Technology | 171 |
What Is Required | 174 |
1 Training | 175 |
2 Monitoring | 180 |
3 Compliance and Audits | 184 |
b Annual Audit | 186 |
c Internal and external audits | 188 |
4 Enforcement and Reporting | 194 |
C Technological Considerations | 196 |
1 Encryption | 197 |
2 Authorization and Access Control | 200 |
3 Digital Signature and Authentication Technologies | 203 |
5 Logs | 204 |
6 Anonymizing and Sanitizing | 205 |
Bibliography | 207 |
Common terms and phrases
15 U.S.C. Section 16 C.F.R. Section agencies Article audit Bureau of National compliance Computer confidentiality Consent Order consumer controls COPPA corporate Council of Europe countries Court Cybercrime Data Privacy Data Protection Directive Data Protection Law data subject digital signatures disclose disclosure e-mail Electronic Communications Eli Lilly employees encryption enforcement ensure European FCRA Federal Trade Commission financial institution GLBA global Gramm-Leach-Bliley Act Guidelines hereinafter HIPAA implementation Information Protection Information Security Internet legal framework Michael Rasmussen monitoring National Affairs nonaffiliated third parties OECD Online Privacy Protection operations organization Personal Data Convention personal information policies and procedures Privacy & Security Privacy Act privacy and security Privacy Commissioner Privacy International privacy laws privacy policies privacy program Privacy Protection Act Processing of Personal regulations requirements right to privacy risk Safe Harbor safeguards sector Security Law Report Standards Statutes Technology trade secret U.S. Department Workplace
Popular passages
Page 5 - December 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector, OJ 1998 L 24/1; Directive 2002/58/EC of the European Parliament and of the Council on the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ 2002 L 201/37.