PRISM+ Corporate Policy
Data Privacy
PRISM+ is committed to protecting the privacy and confidentiality of personal information (Personal Information) about its employees, customers, business partners and other identifiable individuals. PRISM+’s policies, guidelines and actions support this commitment to protecting Personal Information. Each manager and employee bear a personal responsibility for fulfilling the following general principles for collecting, using, disclosing, storing, accessing, transferring, or otherwise processing Personal Information.
The general principles are:
Fairness
PRISM+ will collect and process Personal Information fairly and lawfully and will provide clear notice about such practices.
Purpose
PRISM+ will collect Personal Information only if it is relevant to a legitimate business purpose PRISM+ will state that purpose where required by law (and where practicable if not required by law), and PRISM+ will process this Personal Information in a manner consistent with the purposes for which it is collected.
Accuracy
PRISM+ will strive to keep Personal Information in a form that is as accurate, complete, and up to date as is necessary for the purpose for which it is collected.
Disclosure
PRISM+ will make Personal Information available inside or outside PRISM+ only in appropriate circumstances and only in accordance with its stated practices.
Security
PRISM+ will implement appropriate measures to safeguard Personal Information and will provide appropriate resources to fulfill this objective. PRISM+ will also require third parties collecting, storing, or processing Personal Information on behalf of PRISM+, if any, to process it only in a manner consistent with PRISM+’s Data Privacy Policy.
Access and Redress
PRISM+ will provide individuals with appropriate access to Personal Information about them. PRISM+ will resolve questions and problems that may be raised by such individuals.