Here’s Why, Here’s How
Any business that has customers. Any healthcare provider who has patients. Any professional who has clients. Any government agency that serves citizens. All collect personal information about individuals to one degree or another. (Hint: The degree doesn’t matter.)
Organizations collect Personally Identifiable Information (PII) in virtually every transaction that occurs for a commercial, governmental, or social purpose today. And after they collect it, they may also process, transfer, share, and store that information themselves — or with a third party acting on their behalf. (Hint: It doesn’t matter which.)
Every organization that possesses PII needs to conduct a privacy risk assessment periodically, beginning with a first-time or baseline assessment. For those governed by privacy regulations, it’s a must. For the rest, it’s just good business management.
Let’s look briefly at some of today’s most notable privacy regulations.

Recommended Comments
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.