Question

Write a paper that discusses the seven global privacy principles that most companies have included in their self-regulation for data privacy. Why do companies include them? Is this enough? Why or why not?

Answer 1

The general data protection regulation (GDPR) have framed certain rules and regulations that need to be followed by every business in order to maintain ethical working and also protect the data from any external threat. The principles that companies include while maintaining data privacy are as follows:

• Lawfulness, fairness and transparency: the data in the organization should be treated in a way so that law and regulation are not harmed and also data is kept in a fair manner and ensuring that the data is transparent.

• Limited use of data: the data should only be used for the purposes pre defined by the company. Data should not be used for any other purpose, than what it was decided to be used for.

• Collecting minimum data: it states that the data which is only required to be used by the business in future should be collected. No other additional unnecessary data should be collected by the business.

• Accuracy of data: the data collected should be accurate in nature and updated. Incorrect data should not be collected and if collected, should be removed.

• Store limited data: the data so collected by the company should be kept only for limited period of time. The data which is not needed longer, should be removed from the database and no additional data should be kept.

• Maintaining confidentiality: it is the duty of every business to maintain high level of secrecy of the data and not make it fully available to everyone. Free access of data should be limited in few hands only.

• Maintaining accountability: it means that every company should maintain its data in a way that it adheres to the regulations framed out by the GDPR.

Why companies include them & is it enough:

Companies include the privacy principles in their working and data handling so as to work within the framework of law and become capable enough to face the competition in the market and win competitive edge over others. But, simply adhering to the privacy principles is not enough, it is also important for the employees to behave ethically on individual level and work within the framework of law. Also, self discipline is what is important to have if confidentiality of data need to be maintained.