Daniel Pradelles: HP leads the way on the Accountability path… - CSR in Europe, Middle East and Africa -
CSR in Europe, Middle East and Africa » Daniel Pradelles: HP leads the way on the Accountability path…
Daniel Pradelles: HP leads the way on the Accountability path…

I asked my colleague Daniel Pradelles to give you an update on privacy and data protection at HP. Enjoy reading. Jeannette

HP leads the way on the Accountability path…

“Privacy and data protection. These words should provide a sense of safety and trust on the personal data processing and the company responsible for undertaking it. However, these days for many individuals, they give grave cause for concern... How can we be sure that details of transactions cannot be detected? That data is used in line with users’ expectations and that confidences are kept? How confident can we be that companies will willingly be accountable for guarding our privacy?” 

It has to be said that the concerns above may well impact the nascent ‘information society’ and its multiple, recent and promising evolutions, such as the internet, ambient intelligence, smart objects, cloud computing, social medias or social networking. Inappropriate handling may seriously reduce or slow down users’ benefits.

In order to address these concerns effectively, HP has been working with the Centre for Information Policy Leadership (CIPL), representatives from major industry partners, consumer protection groups and regulatory agencies to develop a Working Paper that sets out the essential elements of a new concept called ‘Accountability in Privacy Governance’.

The challenge is that all of us – companies, institutions and regulatory agencies - have different policies and practices on privacy, different visions and contexts. Consequently, our solutions for effective data protection management are different. How can anyone be sure that such solutions are adequate and that they are completely accountable for their actions? There is a need to formalise the accountability concept and its meaning and we need to do our best to harmonise the different approaches.

Our main goal is to look at accountability through several specific themes, such as: i) How it links to Privacy Governance issues, ii) What the essential elements of accountability are that link to trust in data management, iii) How to measure accountability, iv) The key linkage with another major concept named ‘privacy by design’, v) What the main incentives are for privacy accountability and finally vi) The challenges of certification and oversight.

Our aim, therefore, is to really work on the definitions and the key elements of accountability so that we can prepare a comprehensive document that contains new trends, practices and opinions on accountability that will be commonly accepted. Once completed, this Working Paper will be submitted for consideration and discussion to a number of major privacy regulators & international organisations, all of whom work to ensure consistent accountability strategy.

The importance of such an approach, which is at the heart of HP’s plans, has already been acknowledged in a recently released ‘Review of Data Protection Directive’ study produced by Rand Europe for Richard Thomas, UK Information Commissioner. Let me finish my blog entry again with a quotation from Richard, who stated in the forward of the study:

“A vital theme is accountability. Primary responsibility must be placed on organisations to get it right and they must be held to account if they get it wrong. Organisations must deploy the right technology and have a privacy-by-design approach at the heart of their plans. »

Thanks for reading.

Daniel PRADELLES EMEA Privacy Officer HP CCF

You can read more on Accountability in a recent article  in the HP Global Citizenship Bulletin.

Posted 06-18-2009 4:37 PM by jeanne2007
Filed under: , , ,

Comments

Carmen Torrego wrote re: Daniel Pradelles: HP leads the way on the Accountability path…
on 07-16-2009 8:29 PM

I am wondering if the accountability path and privacy above mentioned take in consideration not only the confidential data gathered by HP employees while performing the task for which they were hired, but the personal data they might gather  about other employees through social networking.

Said that, it is supposed HP employees have a high level of professionalism and integrity  that “guarantee”  that such information will not be unfairly disclosed within HP company and specially  within a company where HP work as a vendor.

In  any  case the company equipment is being used during working hours to share such private information, not business related, with their colleagues or with other employees of HP’s  clients while performing work onsite of their offices,  with the gravity that this imply.

Not only the employee affected is being bulled by HP employees performing work onsite it is office but is being bulled by it is own colleagues. Additionally it is own company in an intend to stops rumours or unwelcome comments can unfairly dismissed it . At which point legal proceeding might start if not done at earlier stage. The unfairly treated employee will sue the unfair HP employee, which will be accused of defamation and breaching the privacy right or “right of dignity at work”.

The result of such behaviour not only consist on the breach of the privacy statement mentioned on the  Global citizenship at HP and it is against the  Inclusion and Diversity policy  but it expose HP company and it’s companies to an  unnecessary risk. It breach as well the Code of conduct of the company where such works are performing on the name of HP.

This lead to put in doubt  HP reliability and accountability, and  question  at which extend this unfair employee and as extension the company itself manage  the confidential information

en trusted by it clients

.

Therefore it is HP responsibility to ensure the above mentioned scenario is reflected in this Accountability Path under construction. Because as said by Daniel, “Primary responsibility must be placed on organisations to get it right and they must be held to account if they get it wrong”.

Daniel Pradelles wrote re: Daniel Pradelles: HP leads the way on the Accountability path…
on 09-03-2009 4:06 PM

Dear Carmen,

Thanks for your comment. Let me first apologize for the time since your comment, July has been busy and summer break just finished.

Our privacy policy is fully referred to in our SBC (stands for Standards of Business Conduct) with the overarching objective to treat our customers and employees in a fair, compliant and ethical way.

The HP Privacy Office reports then to the WW "Ethics & Compliance" organization with all the consequences in terms of importance and visibility in case of significant infringement to Privacy policy and also to any others such as Inclusion and Diversity ones.

It means that the behaviour you mention above would be handled with highest priority and addressed according to our Code of conduct (SBC) with appropriate actions implemented.

Consequently there is no reasons to think that this "put in doubt" anything in current and future strategy & practices... In fact it is truly the inverse...

Because Privacy and other Ehics related policies are handled consistenly within same organization it will bring appropriate response to such scenario and ensure fullfilment of Company responsibility.

Regards

Daniel PRADELLES

EMEA Privacy Officer

Powered by Community Server (Non-Commercial Edition), by Telligent Systems