A privacy concept that states data collectors should only collect and retain the bare minimum of personal data that is necessary for the data processor to perform their duties, and should delete that data when it is no longer necessary.
The right for individuals to correct or amend information about themselves that is inaccurate.
Data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization. According to NIST, this represents information, the loss, misuse, or unauthorized access to or modification of, that could adversely affect the national interest or the conduct of federal programs, or the privacy to which individuals are entitled under 5 U.S.C. Section 552a (the Privacy Act), but that has not been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.GDPR refers to this as sensitive personal data that represents a mixture of private opinions and health information that falls into specialized, legally protected categories. Businesses must treat this data with the highest security.