Privacy Models that Work: A Guide for Canadian Organizations and Best Practices in Data Management: A Guide for marketers
This page has been archived on the Web
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Organization
Canadian Marketing Association
Published
2005
Summary
The Canadian Marketing Association produced two guides and conducted a survey in 2005, all dealing with privacy legislation and compliance issues.
Privacy Models That Work - A Guide for Canadian Organizations (13 pages) examines privacy management models in Canadian organizations. It starts from the premise that the privacy management function is comparatively young, and that there is no widely accepted or single ‘right way’ to position, organize and manage the corporate privacy function. Based on interviews with more than a dozen leading Canadian organizations, the report distils the approaches used by these companies into three main models and an alternative model for smaller organizations – models that the report states “work for Canadian organizations.”
Each of the models is briefly described, with first-hand statements by privacy officers on the strengths of their model. The pros and cons of various privacy structures, key roles and responsibilities of privacy officers, privacy compliance management processes and audit processes are all briefly described, with a short bulleted section in each case on “what works.” The report concludes with a short section on incorporating privacy into overall business strategy.
Best Practices in Data Management – A Guide for Marketers (12 pages) is a customer-focused set of guidelines addressing four main areas of interest for marketers – collecting information, obtaining consent, safeguarding information and sharing it with partners.
In each of these areas of interest, the document offers specific, detailed and practical advice, based on the CSA Privacy Principles that will help marketers to apply best practices.
The section on consent, for example, explains the different forms of consent and covers nine specific points that marketers should be aware of when obtaining consent. There is similar valuable guidance in each of the other sections. The report concludes with a one-page summary of best practices.
Small Business Privacy Compliance – Research Findings (23 pages) is based on an online survey completed by 157 companies (275 companies undertook the survey, but 118 did not complete it, primarily due to the fact that privacy legislation did not apply to their business activities).
The survey posed questions concerning the handling of personal information within businesses, business attitudes towards privacy legislation, the steps taken by businesses to ensure privacy compliance, the ranking of various privacy risk considerations (for example damage to business reputation), what safeguards are in place, what barriers exist to full compliance with privacy legislation, and what additional resources are needed.
Lack of information was considered the leading barrier to privacy compliance (51%), with time taken to implement new laws and/or update processes the second top barrier (43%).
In the need for additional resources, the top three responses were, in order of importance, a need to understand the privacy laws from an industry perspective; a need for more simplified and more accessible information; and a need for better maps to find online information.
The report concluded with recommendations that the Office of the Privacy Commissioner help small businesses achieve privacy compliance (including the need to reach more businesses), start with the basics, recognize industry similarities and differences, provide a dedicated website for privacy compliance, and help businesses build a privacy policy.
This document is available in the following language(s):
English only
OPC Funded Project
This project received funding support through the Office of the Privacy Commissioner of Canada’s Contributions Program. The opinions expressed in the summary and report(s) are those of the authors and do not necessarily reflect those of the Office of the Privacy Commissioner of Canada. Summaries have been provided by the project authors. Please note that the projects appear in their language of origin.
Contact Information
Canadian Marketing Association
1 Concorde Gate, Suite 607
Don Mills, ON M3C 3N6
Email: info@the-cma.org
Website: http://www.the-cma.org/
Tel: (416) 391-2362
Fax: (416) 441-4062
- Date modified: