Logged in: Logged in as: Log in
Search:
Page last modified 14:49, 17 Jul 2009 by aaron.titus
Privacy Commons > Use Case 1 > Privacy Commons Statement M.4.38

Privacy Commons Statement M.4.38

Table of contents
  1. 1. Explanation

Anticipated or Demonstrative URI/URL: http://privacycommons.org/us/stateme....4.38/?id=1234 1

Description: Mock Privacy Commons Statement of for the medical industry, iteration 38, which refers to version 4 of the Medical PC Statement Requirements. This page is a mock/demonstration webpage, intended to demonstrate how Use Case 1 works.

Privacy Commons Statement M.4.38 is based on the requirements of Medical Privacy Policy Requirements Version 4.

ABC Corporation
123 Main Street, USA
Company Website: http://www...com
Privacy Policy: http://www...com/privacy.html 2
Privacy Contact: (Contact Information) 3

ABC Corporation's Privacy Policy and Privacy Practices conform to the following statements:

  • Complete: Our privacy policy is comprehensive pursuant to the Privacy Commons Medical Privacy Policy Requirements Version 4 4
  • Opt-In: You must opt-in to all contact with ABC Corp. 5
  • No Rights: Our privacy policy is not intended to guarantee any additional rights not provided by law. 6
  • Certified: A third party has certified our compliance with our Privacy Policy. 7
  • No Breaches: ABC Corporation has never had a breach of personal information. 8 Note: This statement has been disputed by members of the Privacy Commons Community [Link to Dispute Page]. 9
  • Auditable: We maintain an auditable trail of when personal information is shared, and with whom.10
  • Rated: Current and past versions of our Privacy Policy have been rated by the Privacy Commons Community [Link] 11

Report Abuse: To report inconsistencies between ABC Corp’s privacy policy and privacy practices, visit [Link]. ABC Corp will be notified of the complaint and have the opportunity to respond.

Explanation

1 Meaning of URI, privacycommons.org/us/statement/m.4.38/?id=1234:

.../us/...: This Privacy Commons Statement is designed for the United States

.../statement/...: Virtual folder containing all US privacy commons statements

.../m...: "M" indicates that this is a Medical Industry policy, as opposed to a financial, social networking, or other industry policy.  One organization MAY adopt more than one PC Statement from different industries if they maintain activities which require it.

...4...: Medical Privacy Policy Requirements Version 4, as maintained by Privacy Commons working groups or consensus bodies.  See the M.4 page for an explanation or example.

...38...: Indicates the PC Statement number, which will probably be assigned based on itterations of the statements, "Complete, Opt-In, No Rights, Certified, No Breaches, Auditable," and their possible counter parts.  In theory, if Privacy Commons adopts five of these fundamental PC notice requirements, and each of them have two values (ie, Opt-in vs. Opt-out), then there could be 5! (or about 120) iterations of a particular industry's PC Statement.

.../?id=1234: The ID "1234" is ABC Corporation's unique Privacy Commons identifier.  Assuming that ABC Corporation registers with Privacy Commons, this will allow them to tailor their PC Statement as shown in this example.

This example would require some sort of registration (and authentication) by an organization which wishes to adopt a PC Statement. A PC Statement may be adopted without full registration (ie, if someone seeded their privacy policy with machine-readable code), but would be difficult to write or confirm.

2 Ideally, the privacy policy would contain machine-readable code (P3P?) which Privacy Commons could interpret and automatically update, so that the company did not have to manually update their PC Statement each time they updated their privacy policy.

3 Other information may include prior versions of the privacy policy, or other relevant information.

4 This is where the heavy lifting comes in.  Through some sort of consensus process, Privacy Commons would create a list of subject matter which privacy policies must address, even if they do not provide perfect protection. As the relevant subject matter would vary based on industry (ie, financial industry, medical industry, social networking industry, personal websites), separate Privacy Commons consensus bodies would develop required and optional subject matter.

5 Alternatively, this component may read: “Opt-Out: You must opt-out to avoid contact…”, or “Opt-In/Opt-Out: Some of our services are opt-in, while others are opt-out, and are clearly notated in our Privacy Policy."

6 Alternatively, this component may read: "Some Rights: Our privacy policy is intended to guarantee some additional rights not provided by law. The conditions of these rights are clearly stated in our privacy policy."

7 Alternatively, it may read: “Not Certified: …has not certified our compliance…

8 Alternatively, it may read: "No Recent Breaches: ABC Corporation has not had a breach of personal information in the last six months or more. Prior breaches are addressed in our privacy policy, as well as actions we took to mitigate future breaches."

9 ABC Corp has represented that they have never had a breach.  However, if a breach occurs and the company fails to update their privacy policy, the community may dispute the statement.  Presumably, the dispute would include verifiable statements of facts including links to news reports, and other verifiable information. This model of community-based correction could be applied to other representations in the PC Statement, as well.

10 Alternatively, it may read: "Not Auditable: We do not maintain records of good-faith or authorized transactions of personal information."

11 This is where the Privacy Commons community can weigh in on how much protection the privacy policy actually affords. Should a privacy policy comply with all of the technical requirements of the PC statement but fail to give any meaningful consumer protection, the community can identify those weaknesses.

12 Link
12 Note

13 Link
13 Note

14 Link
14 Note

Tag page
What links here

Files 0

Attach file or image
 

Images 0

 
Viewing 1 of 1 comments: view all
#1
Edit
Anonymous says:
Nice story about this.
Great Nice Pictures
causes back pain knee high shoes lizlange maternity fishing boats sale flu incubation period remedies sore throat cost breast implants muscle weight gain surgery breast reduction girls party ideas women laptop bags car brake parts continuing nursing education cost breast augmentation protein whey powder baby slings carriers bed bugs pictures bedding duvet covers phone pay as you go outdoor swing sets discount dinnerware sets coffee espresso machines salton yogurt maker hair color pictures pictures of haircuts asvab practice test herpes photos easy cooking recipes toy dog breeds herpes simplex 1 personalized dog tags stress fracture foot occupational therapy schools frontline plus cats fleas on humans physical therapy salary scabies pictures pictures of shingles what is blood pressure ibuprofen side effects pictures of ringworm gendongan bayi kain cukin ring sling pouch sling perlengkapan bayi selendang bayi nursing cover selendang baby perlengkapan bayi baru lahir bayi bayi lucu foto bayi parish vintage ebooks download tv series download manga free download make money online health information cell phone review disorders anxiety psat practice test blood preasure smart water filter filter pur water weight loss effects blood pressure side effects socks over knee socks dress food dehydrator tray massage chair ijoy homedics massage shiatsu evening gown dress evening wedding dress dry face skin gold toe sock window coverings blinds blinds for windows lip gloss cosmetics folding table chairs women high heels stockings high heels treatment of pain chlorine generation makeup lighted mirror pain management specialist lawn pest control garden pest control joint pain causes
Posted 06:55, 22 Jun 2010
Viewing 1 of 1 comments: view all
You must login to post a comment.
Powered by MindTouch Deki Express: open source enterprise collaboration and wiki software