ACM Privacy Recommendations - Minimization, v1.0
Profile of Minimization requirements from the Association for Computing Machinery (ACM) Privacy Recommendations
|Keywords:||There are no keywords.|
|Legal Notice:||This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.|
Defines conformance and assessment criteria for verifying that an organization retains each collection of personally identifiable information (PII) for organization-defined time period to fulfill the purpose(s) identified in the notice or as required by law.
Defines privacy requirements related to mechanisms used to destroy sensitive information.
Privacy - Minimization of Personally Identifiable Information - Regular Reviews of PII Holdings For Continued Need, v1.0
Defines conformance and assessment criteria for verifying that an organization establishes and follows a schedule for regularly reviewing PII holdings at least annually to ensure that the PII continues to be necessary to accomplish the legally authorized purpose.
Defines privacy requirements evaluate new activities and technologies that might impact personal privacy.
Defines privacy requirements related to mechanisms used to reduce the retention of sensitive information.
Defines privacy requirements related to the deletion of sensitive information after calculation for statistical purposes.
Privacy - Minimization of Personally Identifiable Information - Collected PII Conforms With Notice and Consent, v1.0
Defines conformance and assessment criteria for verifying that an organization limits the collection of PII to the minimum elements identified for the purposes described in the notice and for which the individual has provided consent.
Defines conformance and assessment criteria for verifying that an organization uses personally identifiable information (PII) internally only for purpose(s) identified in public notices.