Organisations must protect personal data and ensure that the confidentiality and integrity of personal data are maintained. When personal data is being transferred, a company must ensure that there is adequate protection. Organisations must prepare retention schedules that state what personal data is retained for how long and create strategies for personal data that is no longer necessary for a legitimate purpose.
Key learning objectives:
Why is personal data security important?
What are the two common roles under privacy law?
When can a company transfer personal data?