Page 185 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 185

Unit 12: Security Metrics and Privacy




          2.   This illustrates that there is an awareness of privacy concerns and  a commitment to  Notes
               information privacy.
          3.   It will also donate generally to enlarged public confidence and trust. Privacy rules should
               depend on the IPPs.
          4.   The privacy policies should be largely displayed and easily available. Including being
               downloadable if on a website.
          5.   If an agency is gathering  personal information all through  their website/channel,  the
               agency should include a link to its privacy rules at each point personal information is
               composed.
          6.   The privacy policy should begin with a positive declaration of commitment, be clearly
               written and use easily understood, just language.
          7.   Agency contact details should also be offered so that people have somewhere to express
               further queries connecting to information solitude, and an agency should have a system in
               place for managing such queries.
          8.   An agency must make obtainable to the public a document in which it evidently expresses
               its policies for the management of personal information that it holds.
          9.   On the demand of an individual, an agency must take sensible steps to inform the individual
               of the sort of personal information it holds, why it holds the information  and how it
               gathers, holds, uses and reveals the information.

          12.9.6 IPP 6: Access and Correction

          Individuals have a right to search for access to their personal information and make alterations.
          Access and correction is typically managed under the provisions  of the  Information Act. It is
          significant to discriminate freedom of information from information privacy. The differences
          between them are:

          1.   Freedom of information is typically concerned with convincing openness, privacy with
               compelling discretion.
          2.   Under freedom of information, anybody  can hunt for documents, while privacy  deals
               with the person who is the matter of the information.
          3.   Freedom of information deals typically with access, while privacy goes broader to also
               include the collection, use, quality, security and allotment of the information.

          This principle includes the following:
          1.   If an individual demands an agency having personal information regarding the individual
               for access to the personal information, the agency must offer the individual with access to
               the information except to the degree that:
               (a)  offering  access would pose a severe threat  to the life or  health of the person or
                    another person;
               (b)  offering access would prejudice procedures for the defense of the health or safety of
                    the public;
               (c)  offering access would irrationally interfere with the privacy of another individual;
               (d)   the request for access is dizzy or vexatious;






                                           LOVELY PROFESSIONAL UNIVERSITY                                   179
   180   181   182   183   184   185   186   187   188   189   190