Problem
A management briefing lists the following as the top five actions that to improve privacy. Compare these recommendations to the Information Privacy Standard of Good Practice in Appendix H.4. Comment on the differences.
1. Show visible and consistent management support.
2. Establish privacy responsibilities. Privacy requirements need to be incorporated into any position that handles personally identifiable information (PII).
3. Incorporate privacy and security into the systems and application life cycle. This includes a formal privacy impact assessment.
4. Provide continuous and effective awareness and training.
5. Encrypt moveable PII. This includes transmission as well as mobile devices.