• E-mail
• Print
• RSS

Survey shows more than half of organizations lack privacy resources, have policies too difficult to understand

HIPAA Weekly Advisor, June 12, 2003

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

The good news is that 98% of organizations have privacy policies. But the bad news is that 52% of those organizations have policies that are written in language too difficult to understand, according to a recent survey conducted by the International Association of Privacy Professionals (IAPP) and the Ponemon Institute.

The "2003 Benchmark Study of Corporate Privacy Practices" was sponsored by the Unisys Corporation and sent to members of the IAPP. Those participating in the survey were asked to submit all responses by May 15, 2003.

Results of the survey include the following:

• 92% of organizations have a process for informing their employees about privacy policies and procedures.
• Only 53% have mandatory employee training
• 52% believe their resources are inadequate to manage their privacy initiatives
• 54% do not integrate their information security procedures with privacy compliance activities

Of 107 survey responses, 55 were analyzed for a report on the results. All of the responses used came from organizations with more than 5,000 employees.

Although the IAPP consists of companies and organizations from various industries, health care organizations are the largest group within the association.

Go to http://www.privacyassociation.org for more information about the IAPP and e-mail the Ponemon Institute at research@ponemon.org to request a copy of the survey report.

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

• E-mail to a Colleague
• Print
• RSS
• Archive