Information, Articles, Tools, and Useful LinksCommittee Listings, Member Forums, and Find a CITPInformation on AICPA Tech. Conference, Seminars, Webcasts, and ConferencesIT Section Membership Information, CITP Credential Information, Members Only Tools and Communications, and MorePublications, CPE, Conferences, and Webcasts
 
Search
 

Search Options

Printer Friendly View

Infotech Home > Resources > Privacy > Tools and Checklists > Checklists & Worksheets > Privacy Responsibilities of Businesses
Privacy Responsibilities of Businesses
Source: The Canadian Institute of Chartered Accountants

Businesses are responsible for identifying the principal risks of the business and implementing appropriate measures to mitigate those risks. To determine the significance of privacy risk, it is important to conduct a privacy risk assessment. The results of that assessment will dictate whether, and to what extent, a privacy program should be established.

Personal information privacy risk can have a pervasive impact on a business. For example, it can lead to:

  • damage to the reputation of the business and to business relationships;
  • legal liability and sanctions;
  • charges of deceptive business practices;
  • customer and employee distrust;
  • denial of consent to use personal information for business purposes; and
  • lost business and consequential reduction in sales and profits.

This booklet highlights key questions a business should ask with the aim of understanding privacy risk, implementing a privacy program, managing privacy risk and obtaining privacy assurance.

Download Booklet

 
Copyright 2007, 20 Questions Businesses Should Ask About Privacy. Posted with permission by The Canadian Institute of Chartered Accountants.