Networking Discovery Assignment: Privacy Policy and Procedures

Verified

Added on 2021/11/09

AI Summary

This document presents a student's solution to Networking Discovery Task 2, focusing on the development and implementation of a privacy policy for a hypothetical company, AYS. The assignment requires the student to outline the information collected, its uses, and methods of protection. Furthermore, it details the company's stance on disclosing information to outside parties and the obligations of employees regarding data privacy. The solution includes a comprehensive privacy policy with sections on information collection, usage, protection, disclosure, and employee obligations. Additionally, the assignment covers the policies and procedures for employees to maintain the confidentiality, integrity, and availability of information, including how the privacy policy will be followed, maintained, and reviewed. The student emphasizes the importance of adhering to legislative requirements, ensuring data quality, and implementing technical and organizational security standards to protect personal information. The solution highlights the significance of employee training, secure networks, and clear processes for reporting privacy breaches to maintain data protection.

Name of Student:
Name of College:
Authors Note
Networking Discovery
TASK 2
Running head: NETWORKING DISCOVERY

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

NETWORKING DISCOVERY
Tasks
1. Submit a privacy policy giving following sections:
• What information is collected?
The information that is collected by AYS from their customers is personal in nature so their
privacy policy ensure to maintain and protect privacy and confidentiality of personal
information of customers. The information gathered includes name, date of birth, email
address of customers that is collected when customers register their account for services of
AYS. Also some additional information (optional) like residential address, phone number,
billing information is collected when customers need AYS’s services over phone or at site
based on complexity of service and issues. Further, if customers initiate payment to AYS then
billing information like name, address, email, financial information such as credit card
number, expiry date or bank A/C number is collected. All personal and optional information
that is collected from customer is linked to their account as profile information.
• What is it used for?
The information that is collected by AYS from their customers is used to govern, maintain
and offer different characteristics and features of services. It is also used to evaluate the
manner service is offered and utilised, examine effectivity of services, identify technical or
service issues, to maintain security of information and services operated, customise service
content and recognise information that can assist customers more efficaciously to get access
into their accounts. It is even used to govern overall metrics like total visits, traffic, for
content tracking and to track users as required to adhere to digital millennium copyright act
and other relevant legislations. Also the information that is collected from customers such as
contact number is utilised for marketing and offer new or applicable service offers.
• How information is protected?
The information is protected by securing personal information by applying different industry
standard for security process and technology so as to safeguard personal information from
unauthorised access, usage and reveal.
• Do we disclose any information to outside parties?
1

NETWORKING DISCOVERY
No AYS do not disclose any information that is collected from clients to third party without
expression of permission.
• Employee obligation to privacy
The employees of AYC are obliged to privacy policies to protect and maintain confidentiality
of personal information of customers and process them fairly and under law as well as they
are obliged to not utilise the information for any other purpose except for which it had been
collected. Also, employees are obliged to collect information only which is essential and not
excess of purpose and these are to be accurate and update. Further employees are obliged to
keep information not longer than essential and to process according to data’s subject rights as
well as to keep information secured and safeguarded from unauthorised processing, loss or
damage.
2. Policies and procedures for employees for maintaining confidentiality, integrity and
availability of information including how the privacy policy will be followed and
maintained/reviewed.
The policies and procedures that employees of AYS need to follow so as to maintain
confidentiality, integrity and availability of information includes employees to completely
maintain the conditions related to being fair in collection and usage of information, adhere to
legislative liabilities to state the purpose for which information has been utilised. Further
employees are obliged to gather and process only adequate information that is needed to
maintain operational requisites or to remain complacent to certain legislative needs and they
need to make sure of the quality of information that is used. Moreover the personal
information can be kept in AYS systems for as long as it is needed and employees need to
ensure the right of people whose information are collected to be completely processed under
the ACT such as data subject rights, right to access personal information, right to prevent
processing under some situations, right to correct, improve, block or delete information
which is wrong. Also employees need to follow adequate technical and organisational
security standards to protect personal information to maintain its integrity, confidentiality and
availability.
The privacy related to personal information can be followed and maintained with help of data
protection and privacy policy under which it is ensured that personal information is non
transferable outside AYS without adequate protection measures and policy states that to
maintain privacy acts guidelines employees need to be trained about online privacy and
2

NETWORKING DISCOVERY
security standards. Moreover it is required to develop secured networks to safeguard online
data from cyber hacks and set clear process for reporting privacy breaches or misuse of data
and to set data protection policies practices such as document shredding, secured locks, data
encryption, regular backups and authorised access to maintain privacy policies. It is also
expected that employees should be aware of requisites of data protection policies and about
the rules that are applicable to act, must complete data protection induction and training
annually and ensure responsibility towards personal information by not retaining it longer
than required to follow privacy policies.
3