[LINK] The handling of personal information

[Dr Bob Jansen]

I have been asked to draft a small discussion paper on how an 
organisation should go about handling personal individual's data. The 
issue is what words to put into a consent form that provide enough 
information to the person to sign the form that the organisation takes 
the security of their information very seriously without a 70 page 
diatribe of technical mumbo jumbo. Currently, the statement reads, 'Your 
information will remain confidential' but goes no further and I argue 
that this does not fill any reasonable person with confidence that the 
organisation knows what they are talking about. It provides no more than 
a wish that they would pike to do so (or maybe could do so). I argue 
that it needs more indication of what is actually in place, ie, all 
information stored digitally will be encrypted, all communication of 
your information will be in an encrypted form (maybe even stating the 
algorithm to be used), etc.

All advice, guidance, etc welcome and I will post the final copy of my 
paper to the list for community information.

bobj

-- 
--------------------------------
Dr Bob Jansen
Turtle Lane Studios Pty Ltd
PO Box 26, Erskineville NSW 2043, Australia
Ph: +61-414 297 448
Resume: http://au.linkedin.com/in/bobjan
Skype: bobjtls
http://www.turtlelane.com.au

In line with the Australian anti-spam legislation, if you wish to receive no further email from me, please send me an email with the subject "No Spam"