Papers

A Policy is Not Enough: It Must be Reflected in Concrete Practices

Privacy policies and procedures alone, without a concrete strategy for implementation, will not protect an organization from privacy risks. The policies and procedures must be actively communicated, and staff must be educated about measures that need to be in place, so that policies will be reflected in actions. This paper sets out a series of seven steps that organizations should consider implementing in order to effectively translate their privacy policies into privacy practices.

Topics
Help us improve our website. Was this page helpful?
When information is not found

Note:

  • You will not receive a direct reply. For further enquiries, please contact us at @email
  • Do not include any personal information, such as your name, social insurance number (SIN), home or business address, any case or files numbers or any personal health information.
  • For more information about this tool, please see our Privacy Policy.