O3.1 Verify the existence and enforcement of regulations, policies and procedures

Principle

O3 Ensure data privacy by design

Risk

RS1 Privacy vulnerability

SV2 Weak rule of law

Life Cycle Stage

L1 Conception and Scoping

Practices

• Mandate that the specific purpose for data collection and exchange is clearly defined, documented and communicated to the data owners.

• Initiate special audits or surveys to understand the operators' feedback on the operation and the impact of purpose limitation clauses.

Resources

Case Study

Coming soon..

References