Secure Management of Private Information
Project Manager – Nancy D. Barnes, Ph.D., CRM, CA; Project Workgroup Leader – Dernea Michaux-Davis, CRM, CIPP (US)
This technical report will include a general discussion of issues related to the secure management of private data or information. It will not focus on the requirements of specific industries or sectors, but will offer general advice for implementation of information privacy controls in the organizational setting. This publication complements the ARMA International Generally Accepted Recordkeeping Principles® (the Principles). The Principles are recognized as a de facto standard; they are used and accepted by information governance professionals around the globe. Standards created by other national and/or international bodies may be referenced, also, in the creation of this technical report.
This technical report will educate RIM professionals about information governance-related issues pertaining to protecting records with private, confidential, and/or proprietary data/information. It fills a gap in the standards/best practices literature by answering these questions:
1) How can organizations more effectively comply with privacy laws and regulations (domestic and international) in the management of these records?
2) How can the organization’s data/information security policies and procedures better affect its ability to handle such records?
Work is under way on this project.