FIPPs Questions

Fair Information Practice Principles (FIPPs) are five privacy principles set forth by the Federal Trade Commission (FTC) for protecting personal information:

  • Transparency: ensures no secrete data collection; provides information about the collection of personal data to allow users to make an informed choice
  • Choice: gives individuals a choice as to how their information will be used
  • Information Review and Correction: allows individuals the right to review and correct personal information
  • Information Protection: requires organizations to protect the quality and integrity of personal information
  • Accountability: holds organizations accountable for complying with FIPPs

Data Proprietors are encouraged to consider the following questions as they plan and develop new systems to help incorporate these five principles into their data collection and use practices.  (A FIPPs training course is available in the UC Learning Center.)

TRANSPARENCY

  • Is there notice at the collection stage that identifies the data being collected, the specific purposes for the collection of personal information, the authority for doing so, and an official contact for inquiries?
  • Is the notice associated with the collection of personal information available and consistent across all mediums of collection? 
  • Is the personal information collected necessary to the operating program or activity?

CHOICE

  • How is consent obtained?
  • Is the request for consent clear and unambiguous?
  • If personal information is to be used or disclosed for a secondary purpose not previously identified, is consent required? 
  • Can an individual refuse to consent to the collection or use of personal information for a secondary purpose, unless required by law? 
  • Where personal information is collected indirectly, is consent obtained from the individual to whom the information pertains?
  • If an individual refuses to consent to the collection or use of personal information for a secondary purpose, will this result in a disruption of the level of service provided to the individual? 

INFORMATION REVIEW AND CORRECTION

  • Have procedures been established to provide individuals with access in a "routine" manner to their personal information?
  • Are there controls in place over the process to grant authorization to add, change or delete personal information from records? 
  • Is the system designed to ensure that an individual can have access to his/her personal information including all other programs or applications that have received copies of the information? 
  • Are all custodians and participants aware of an individual's right of access and the complaint process? 
  • Are there documented procedures developed or planned on how to initiate privacy requests or requests for the correction of personal information?
  • Are individuals provided with access to their personal information in the official language of choice? 
  • If appropriate, are individuals provided with access to their personal information in alternative format? 
  • Are all custodians aware the individual's right of access and any requirement to advise the individual of formal and informal appeal and/or complaint procedures? 
  • Are the individual's access rights assured for all the data sets private sector partners and/or subcontractors? 
  • Is the system designed to ensure that access by an individual to all of their personal information can be achieved with minimal disruption to operations? 

INFORMATION PROTECTION

  • Will steps be taken to ensure that the personal information is accurate complete and up-to-date? 
  • Are staff trained in the requirements for protecting personal information and are they aware of the relevant policies regarding breeches of security or confidentiality? 
  • Are user accounts, access rights and security authorizations controlled and recorded by an accountable systems or records management process?
  • Are there documented procedures in place to communicate security violations to jurisdictions, data subjects and, if appropriate, law enforcement authorities? 
  • If sensitive personal information will be used in the electronic delivery of services, have technological tools and system design techniques been considered which may enhance both privacy and security (e.g., encryption, technologies of anonymity or pseudo-anonymity or digital signatures)? 
  • Is the system designed to ensure that an individual has been notified when a correction to his/her information has been made?  
  • Is information anonymized when used for planning, forecasting, and/or evaluation purposes? 
  • Have criteria been established for determining and authorizing "need to know" access to personal information? 
  • Has a communications plan been developed to fully explain to the public how their personal information will be managed, including how it will be protected, as part of the delivery of services proposal?

ACCOUNTABILITY

  • Are there oversight and review mechanisms implemented or available to ensure accountability? 
  • Have independent privacy oversight and review mechanisms been established?
  • Are standards and mechanisms in place to ensure the recognition of persons authorized to make privacy decisions on behalf of others (e.g., a minor or incapacitated person)? 
  • Has a procedure been established to log and periodically review complaints and their resolution with a view to establishing improved information management privacy practices and standards?

For assistance with any campus privacy related questions, please contact the UC Berkeley Privacy Office.