Difference between revisions of "Privacy and Security Policies"

From SmartWiki
Jump to: navigation, search
(Created page with "=Overview= ==About Privacy Policies== ==How Users Interact with Policies== ==Policy Life Cycle== =Configuration= ==Setting Up a Global Policy== ===Attaching Policies to a Logi...")
 
m
Line 1: Line 1:
 
=Overview=
 
=Overview=
 +
This article is about managing privacy and security policies within your SmartSimple system. Privacy and security policies are essential to aligning your system with regulation, mitigating risks, and fostering user trust by outlining how user privacy and data will be secured. In this article, you will learn to create and update policies, attach policies to collection points, and view policy acceptance. Privacy is a shared responsibility. To learn more, [https://www.smartsimple.com/trust-security-privacy-cookie-policy review SmartSimple's own privacy policies].
 +
 
==About Privacy Policies==
 
==About Privacy Policies==
 +
'''What are privacy and security policies?'''
 +
 +
Privacy policies outline how a website collects, uses, stores, and protects user data, providing visitors with the assurance that their personal information is handled with care and respect. Security policies, on the other hand, detail the technical and procedural measures implemented to defend against cyber threats and data breaches. Together, these policies protect users from identity theft, fraud, and other online risks. For example, SmartSimple has its own privacy and security policies which can be read in full at the [https://www.smartsimple.com/trust-security-overview Trust & Security Center on our website].
 +
 +
'''Are policies mandatory to have?'''
 +
 +
Privacy and security policies may be mandatory by law depending on the end-user’s location. For example, the [[General Data Protection Regulation (GDPR)]] is an information privacy regulation enacted by the European Union (EU) to protect individuals' privacy and personal data. The GDPR gives EU citizens more control over their personal data and sets strict guidelines for data processing and privacy practices for organizations operating within and outside the EU. Having privacy and security policies aligned with the GDPR is required for legal compliance and helps safeguard individuals' rights to privacy.
 +
 +
'''Can I use this feature to track other compliance activities?'''
 +
 +
The privacy and security policies feature can be utilized to track and manage various other policies and compliance activities. For instance, you might opt to use this feature to monitor conflict of interest attestations or agreements to other terms and conditions.
 +
 +
'''What are the differences between the new privacy policies feature and the old one?'''
 +
 +
The new privacy and security policies feature will be available starting July 2024. Policies created using the old feature must be recreated in the new privacy feature as they will not be migrated. You must opt in to using the new privacy and security policies feature.
 +
 +
 +
The new feature includes the following enhancements:
 +
 +
* Added ability to attach policies to key interaction points (login, signup, and record creation) to ensure compliance
 +
* Enhanced control over who sees which policies and when to ensure users only see relevant policies
 +
* Easier language translation management to save configuration time and ensure users have access to policies in their desired language
 +
* Added customizable acceptance options and behaviors giving you greater flexibility to meet your specific business needs
 +
* Strengthened the process for policy revisions for improved compliance management
 +
* User-friendly policy section builder for easier policy creation to increase administration efficiency without the need for technical skills
 +
* Streamlined access to view user acceptance records for improved transparency and accountability
 +
 +
<u>'''Note:'''</u> There is currently no mechanism to migrate existing policies into the new format. If you wish to keep using an existing policy, you'll need to recreate it using the new policy builder. Old policy acceptance data will still be retained.
 +
 +
 +
 
==How Users Interact with Policies==
 
==How Users Interact with Policies==
 
==Policy Life Cycle==
 
==Policy Life Cycle==

Revision as of 14:16, 13 May 2024

Overview

This article is about managing privacy and security policies within your SmartSimple system. Privacy and security policies are essential to aligning your system with regulation, mitigating risks, and fostering user trust by outlining how user privacy and data will be secured. In this article, you will learn to create and update policies, attach policies to collection points, and view policy acceptance. Privacy is a shared responsibility. To learn more, review SmartSimple's own privacy policies.

About Privacy Policies

What are privacy and security policies?

Privacy policies outline how a website collects, uses, stores, and protects user data, providing visitors with the assurance that their personal information is handled with care and respect. Security policies, on the other hand, detail the technical and procedural measures implemented to defend against cyber threats and data breaches. Together, these policies protect users from identity theft, fraud, and other online risks. For example, SmartSimple has its own privacy and security policies which can be read in full at the Trust & Security Center on our website.

Are policies mandatory to have?

Privacy and security policies may be mandatory by law depending on the end-user’s location. For example, the General Data Protection Regulation (GDPR) is an information privacy regulation enacted by the European Union (EU) to protect individuals' privacy and personal data. The GDPR gives EU citizens more control over their personal data and sets strict guidelines for data processing and privacy practices for organizations operating within and outside the EU. Having privacy and security policies aligned with the GDPR is required for legal compliance and helps safeguard individuals' rights to privacy.

Can I use this feature to track other compliance activities?

The privacy and security policies feature can be utilized to track and manage various other policies and compliance activities. For instance, you might opt to use this feature to monitor conflict of interest attestations or agreements to other terms and conditions.

What are the differences between the new privacy policies feature and the old one?

The new privacy and security policies feature will be available starting July 2024. Policies created using the old feature must be recreated in the new privacy feature as they will not be migrated. You must opt in to using the new privacy and security policies feature.


The new feature includes the following enhancements:

  • Added ability to attach policies to key interaction points (login, signup, and record creation) to ensure compliance
  • Enhanced control over who sees which policies and when to ensure users only see relevant policies
  • Easier language translation management to save configuration time and ensure users have access to policies in their desired language
  • Added customizable acceptance options and behaviors giving you greater flexibility to meet your specific business needs
  • Strengthened the process for policy revisions for improved compliance management
  • User-friendly policy section builder for easier policy creation to increase administration efficiency without the need for technical skills
  • Streamlined access to view user acceptance records for improved transparency and accountability

Note: There is currently no mechanism to migrate existing policies into the new format. If you wish to keep using an existing policy, you'll need to recreate it using the new policy builder. Old policy acceptance data will still be retained.


How Users Interact with Policies

Policy Life Cycle

Configuration

Setting Up a Global Policy

Attaching Policies to a Login Page

Attaching Policies to Other Collection Points

Attaching Policies to a Signup Page

Attaching Policies to a a Level 1, 2 or 3 Type

Activating a Draft Policy

Periodically Enforcing an Active Policy

Editing an Active Policy

Expiring a Policy

Creating Language Translations

Viewing Policy Acceptance