Which is NOT a Canadian Standards Association (CSA) Privacy Principle?
A.
Personal information shall be protected by the same security safeguards regardless of the sensitivity of the information.
B.
The purpose for which personal information is collected shall be identified by the organization at or before the time the information is collected.
C.
The degree to which personal information must be kept accurate and complete is determined by whether its original purpose has been achieved.
D.
Upon request, an individual shall be informed of the existence, use and disclosure of their personal information and shall be given access to that information.
The Canadian Standards Association (CSA) Privacy Principles, which are part of the CSA Model Code for the Protection of Personal Information and have been incorporated into the Personal Information Protection and Electronic Documents Act (PIPEDA), specify that personal information shall be protected with security safeguards appropriate to the sensitivity of the information. This implies that not all personal information requires the same level of protection, but rather protection proportional to its sensitivity. Therefore, the statement in Option A, "Personal information shall be protected by the same security safeguards regardless of the sensitivity of the information," is not a CSA Privacy Principle and is incorrect.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit