ABSTRACT
Many believe that computer use in large organizations poses a threat to individual privacy. Most U.S. businesses favor self-regulation instead of computer security legislation to ensure a reasonable level of security for personal data. This chapter explores the need for policies that will be complied with and illustrates some of the technical and administrative issues to be considered along the way. Meaningful policies for secure personal data require organizational commitment to both privacy principles and technical security measures.
