CIECA Standards Role in Information Privacy
Information and data privacy are of vital concern to every business and to society in general. CIECA strongly supports all member companies’ efforts to develop and implement comprehensive information privacy and data security plans.
It is widely held that a comprehensive information program consists of three main components:
- Data Security Plan: The physical and logical protection against un-authorized access to systems and networks.
- Data Privacy Plan: Internal policies and procedures designed to protect how data is used and shared.
- Data Segregation / Segmentation: The segmentation of information and data to limit what type of data may be shared outside the organization.
Each business is responsible for developing a program and policies aimed at addressing these important topics. This includes selecting business partners committed to information privacy and adherence to industry best practices.
To the extent possible, CIECA is committed to developing standards that support the concepts of Data Segregation and Segmentation to enable member companies who implement CIECA standards to share only the data necessary to complete the defined transaction.