Privacy regulations are rules and laws that determine how information must be handled. This includes information that is being stored, requested, or shared. These regulations can apply to individuals, businesses, or governments.
Privacy is commonly regarded as a fundamental right. In many countries, the issue is taken so seriously that privacy regulations for certain entities are developed at the federal level. For example, in the United States, the Federal Trade Commission (FTC) dictates how privacy must be handled by financial institutions. These regulations not only outline which entities can be defined as financial institutions, but they also state how those that qualify must act in certain circumstances.
Privacy regulations can also be set at lower levels of government. In some cases, regulations are not a matter of law. Instead, institutions may bind themselves to certain procedures and standards on their own accord.
Information, in many cases, is sensitive. When a person goes to the doctor, a record is generally kept for her welfare and for the protection of those who treated her. When a person conducts a financial transaction, a record is often kept to assure proper accounting. Such records can benefit both the client and the service provider. If, however, this information is obtained by a third party, a person’s privacy may be violated and problems could ensue.
Privacy regulations dictate numerous relationships between numerous entities. In some cases, these rules determine procedures for fulfilling requests when one party seeks information regarding a third party. Some third parties do not have rights to obtain information without the consent of the person the information concerns. This can even be true if the third party is a spouse or parent.
There may also be a limit as to which information one can disclose. For example, if a person is in a car accident, an auto insurance company may request medical records regarding ailments pertaining to that event. That does not, however, give the auto insurance company rights to a person’s entire medical record.
Giving someone information he is not entitled to is not the only way to violate someone’s privacy. Care must also be taken to store regulated information in a manner that shows an effort to protect the privacy of the people it pertains to. A bank, for example, could be found guilty of violating privacy regulations if financial records are stored in an open trailer behind the facility.
Showing proper effort to protect sensitive information also takes into account how one entity communicates with someone it is associated with. Privacy regulations can regulate, for example, items that can and cannot be sent through the mail. In many cases, only certain information can be shared over the telephone. When that information is personal, efforts must generally be made to verify the identity of the person who is on the line.