When collecting data, the Privacy Shield framework requires not only that data be “relevant for the purposes of processing,” but also that organizations limit collection to the relevant data. For example, if you collect information from an individual to provide them with technical support for a computer, you wouldn’t ask for their birthdate, Social Security number, or any other identifiers that are not relevant to your task. So if you do ask for personal information to provide technical support, be prepared to make a good argument for why it is required.
What does Integrity mean under the Privacy Shield framework?
In addition to only collecting the information needed, the Integrity principle requires organizations to take reasonable steps to ensure that personal data is:
- Reliable for its intended use
This highlights the importance of maintaining the accuracy of the data you hold about an individual and ensuring it is not outdated. Consider providing an opportunity for your customers to review and correct data you hold about them as one method for addressing this requirement. Other key questions for maintaining data integrity include:
- How do you verify that security is enforced?
- How do you know who is accountable for it?
- How do you prevent others from accessing it?
Purpose Limitation: Using Data for a Specific Reason
While there are several obligations associated with this requirement, one of the most difficult to achieve will be marking all collected data, in a meaningful and persistent way that remains with the data, with the purpose for which it was collected. This is a perfect use case for a taxonomy-driven metadata implementation that can identify both the sensitivity and classification of the content you are collecting and the purpose for collection. That type of data classification and ongoing tracking will require a major shift in the behavior of many companies that collect data once and then keep it forever, thinking that they may have a new reason to use it in the future.
Purpose limitation also means you should collect as little data as is necessary to achieve your objective. While this may fly directly in the face of many marketing and business practices, which traditionally operate under the assumption that “more is better,” the compliance, privacy, risk and security professionals in your organization will remind their business counterparts that once you have sensitive information, you are responsible for protecting it. So it’s always advisable to limit your collection to what is necessary for your business purpose while at the same time managing and containing the risk of a potential data breach.
Finally, privacy and security risk management should intersect with other data lifecycle management programs within your company. Combining these related areas will allow you to better optimize resources and risk management for information assets to support responsible, ethical, and lawful collection, use, sharing, maintenance, and disposition of information.