Privacy Policy Primer PDF Print
Training ProviderLearn Skills


Quizzes & Final Exam
Location learnskills.org Qualification Certificate of Completion
Method Asynchronous Self-paced EligibilityOpen
Cost50 EUREnrol Now  

Learn Skills Online Course

Advances in information technology have enabled companies to collect, compile, analyze and deliver data around the world much more quickly and cheaply than ever before. But these technological advances have also brought new challenges to protecting "information privacy." In fact, some experts believe that privacy concerns will slow the growth of the Internet generally and electronic commerce in particular.

Different countries view privacy issues differently. In the U.S., for example, companies have largely been allowed to "self-regulate." In Europe, by contrast, protection of consumer privacy is the subject of extensive legislation, including a comprehensive Data Protection Directive that took effect in 1998. Foreign companies wishing to exchange personal information about European citizens with companies in the European Union must have policies in place that ensure an "adequate level of [privacy] protection."

In November 2000, the Commerce Department (in consultation with the European Commission) created a "safe harbor" program for U.S. companies wishing to receive personal information from European organizations. A fundamental requirement of the safe harbor program is that companies have a privacy policy addressing certain enumerated principles: (1) notice, (2) choice, (3) transfers to third parties, (4) access, (5) security, (6) data integrity, and (7) enforcement. Studies have shown that, while an increasing number of U.S. companies have developed privacy policies, enforcement of these policies has been spotty, at best.

Course Summary

 This course assumes that a company has developed a comprehensive, safe-harbor-compliant privacy policy and wants to ensure that its employees understand and abide by that policy.

The topics covered in the course include the seven principles of the safe harbor program:

  • Notice
  • Choice
  • Transfers to third parties
  • Access
  • Security
  • Data integrity
  • Enforcement