The vast majority of online businesses will have policy disclosure statements outlining exactly what the business does with this collected information. For example, most businesses value a customer's privacy as this encourages customers to do more business with them. Therefore, a typical privacy disclosure statement will begin by stating exactly what information they collect. For example, a company may state that on pages where one can order products, make requests or register to receive materials, the type of information collected includes, but is not limited to: the customer's name, physical address, email address, phone number, credit card or other form of payment information. Likewise, on pages where one can submit information about other people, such as when one orders a gift to be sent directly to the recipient, the type of information collected includes, but is not limited to: the recipient's name, address and telephone number.
Next, the privacy disclosure will state exactly what will be done with the aforementioned gathered data information. This part of the disclosure will typically state that the information provided is used only to complete the order and that the information is not shared with any outside party except as needed to complete the order. For example, when one orders a product online the information will be shared with the delivery company in order to ensure the proper shipment.
The privacy statement will also state how the company ensures that all submitted information is secure. For example, it will state that a company utilizes non-identifying and aggregate information to assist with website design and working with advertisers and that they never discloses personal or identifying information in this process. Further, it will state that to prevent unauthorized access to secure information and to ensure data accuracy, the company employs appropriate physical, electronic and managerial procedures and safeguards.
Finally, as does the Privacy Act, the privacy disclosure statements must state how one can access and/or modify their personal records. For example, a business will typically always allow a customer to access personally identifiable information either via online, telephone or through an account link found on every page.
Clearly, the Privacy Act, originally intended to apply only to government agencies, now applies to such non-governmental entities as the healthcare system and commercial businesses. What can be concluded from this expansion of the Act's jurisdiction is that, because of the Act, individuals now have an expectation of personal privacy. In order to ensure this expectation is met, all customer-related organizations must take steps, per the Privacy Act, to protect an individual's personal privacy.
Beaver, Kevin, Rebecca Herold. Practical Guide to HIPPA Privacy and Security Compliance. New York: CRC Press, 2003.
Carter, Patricia I. HIPPA Compliance Handbook. New York: Wolters Kluwer Company, 2002.
Casey, Timothy D. ISP Liability Survival Guide: Strategies for Managing Copyright, Spam, Cache, and Privacy Regulations. New York: Wiley, John and Sons, Inc., 2001.
Cate, Fred, Wallison, Peter, Litan, Robert and Michael Staten. Financial Privacy, Consumer Prosperity and the Public Good. Brookings Institution Press, 2001.
Clayton, Richard, Tomlinson, Hugh. Privacy and Freedom of Expression. New York: Oxford University Press, 2001.
Countryman, Clay, Mohre, Elizabeth H., and Heather C. Jahnke. HIPAA Compliance Handbook: Final Rule on Standards for Privacy. New York: Aspen Law and Business, 2001.
Davis, Tom. Citizen's Guide on Using the Freedom of Information Act and the Privacy Act of 1974 to Request Government Records. Washington, D.C.: DIANE Publishing Co., 2005.
Douglas-Steward, Jeremy. Annotated National Privacy Principles. BPR Publishers, 2001.
Flipp, Mark R., Castagnera, James O. Employment Law Handbook. New York: Aspen Law & Business, 2005.
Hudson, David L., Marzilli Alan. Open Government. Chelsea House Publishers, 2005.
Jasper, Mararet C. Privacy and the Internet: Your Expectations and Rights Under the Law. New York: Oxford University Press, 2001.
Knag, Paul E. And Lisa M. Boyle. HIPPA: A Guide to Health Care Privacy and Security Law. New York: Aspen Law & Business, 2002.
Maida, Pamela. Freedom of Information Act Guide and Privacy Act Overview. Washington, D.C.: U.S. Government, 1996.
Privacy Act. Washington D.C.: U.S. Government Publishers, 1988.
Rotenberg, Marc. Privacy Law SourceBook 2000: United States Law, International Law and Recent Developments. Electronic Privacy Information Center, 2000.
Staples, William G. Encyclopedia of Privacy. New York: Greenwood Publishing Group, Inc., 2006.
Sterns, Cliff. Consumer Privacy Protection Act of 2002: Congressional Hearing. Washington, D.C.: U.S. Government, 2004.
Tugendhat, Michael, Iain, Christie. Law of Privacy…