From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Limiting data collection
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Limiting data collection
- [Instructor] Limiting data collection is the most important way that an organization can protect personal privacy. If an organization doesn't collect personal information in the first place, it can't abuse, lose, or otherwise mistreat that information. Privacy principles require that organizations provide individuals with notice of the information they collect, the ways that they use it, and obtain consent of those individuals for that use. And this is just the first barrier to data collection. Organizations should never collect information that falls outside of the disclosures that they've made to individuals, even if it's easy to do so or seems to be incidental to the approved purpose. If you do have a legitimate need to collect more information than you've disclosed, you should revise your disclosures, notifying individuals of the information that you're collecting and how you will use it. Obtain new consent prior…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.