back to checklists

Data Minimization

Today, many organizations believe that the more data you have the more valuable it is. However, the over collection of personal information can dramatically increase the potential harm to individuals in case of a data breach. In addition, collecting unnecessary or indirect information that is loosely tied to a purpose is increasingly viewed as exceeding the scope of consent.

Data Minimization is a key privacy principle to respecting individual privacy and reducing risks associated with a data breach. Under this principle, only personal information that is directly relevant and necessary to a specified purpose is collected and kept for only as long as needed for that purpose.

  • Collection limitation: what information do i need?

  • Data inventory: what types of information do i have and where are they found

  • Data retention: what is the lifespan of my data

  • Accountability


back to checklists

The Office of Privacy and Data Protection announces beta testing of “Privacy Modeling,” a new web application that identifies the privacy laws relevant to the product or service you wish to create.

Go to Privacy Modelling App

Something went wrong. Please try again.