Privacy Policy Information for Chapters
These are recommended guidelines. We suggest you discuss this information with your Board and develop your own privacy policy. If you have any questions, please contact privacy@theiia.org, or Judy Burke at IIA headquarters, telephone +1-407-937-1370.
With the advent of the Internet, individuals have become more and more concerned with how their personal data is being used. Privacy is coming under increasing scrutiny by watch-dog agencies, state/provincial bodies, and national bodies. The IIA is taking every precaution to ensure that our members' personal information is protected.
The IIA has adopted a Privacy Policy, which is intended to meet the requirements of legislation around the world concerning use of "personally identifiable" data. Use of the membership data The IIA shares with its institutes is restricted according to the policy. All institutes are encouraged to protect members' information and respect their wishes regarding release of personal data.
The following are guidelines which should be discussed by your Board of Governors and considered for adoption. If you are in Canada, the Personal Information Protection and Electronic Documents Act of Canada (see www.privcom.gc.ca) should be reviewed and adhered to. In the United States several privacy laws are under consideration but none apply directly yet to associations. We urge you, however, to adopt stringent guidelines over use of member information, whether in hard copy or electronic. Following are suggested guidelines:
- Directory
a) Do not include home addresses/phone numbers unless you receive approval from individual members. Use of business addresses, phone numbers, and faxes is permissible unless a member requests specific omission.
b) Always include a statement with your directory similar to the following: "Information in this directory is for use solely by IIA members in contacting one another. Use of information is prohibited for commercial use or solicitation of products and services. If you do not wish your name to be included in future directories, please express your wishes by marking the appropriate box on your Member profile on the IIA web site." Note that members opting out on their profile will automatically be excluded from the directory if you use the Institute Access Database Program provided by The IIA. If you use just the download, be sure to exclude anyone marked with an "N" in the directory column.
c) All directories on chapter Web sites should be restricted to access by members only.
2. E-mail
a) Some IIA members have requested that their email addresses not be used for IIA communications. If you use the Institute Access Database Program provided by The IIA to manage your membership data, these members will also be excluded in the e-mail extract program. If you use the data as provided by The IIA (Excel or text format), there are columns that indicate which members asked to be excluded from all IIA e-mails. You may want to include a statement at the end of your e-mails (whether regular newsletter or special announcement) such as: "This e-mail message is part of regular communications with members of the __________ Chapter. You may exclude yourself from future communications by updating your profile on The IIA Web site. However, by doing so you will exclude yourself from both IIA and chapter e-mails."
b) Restrict your communications to professional uses relating to IIA. Do not use the e-mail list for distribution of jokes, personal requests, etc.
c) Do not provide your e-mail listing to any outside party for any reason.
d) When sending e-mails to chapter members, use software to send information individually (so only one member's e-mail appears in "To" box), or send all e-mails via "bcc," which will hide all e-mail addresses. This will prevent others from "replying" and sending unauthorized e-mails to your members.
3. Mailings
Do not provide your mailing list to third parties without the express consent (or opt out opportunity) of your members. The membership download you receive from IIA Headquarters indicates which members have requested no outside mailings. The Institute Access Database Program will automatically exclude those members from the mailing labels. Be sure your members know they can opt out of unwanted mailings.
4. Changes to Membership Data
Members can change their personal data, as well as their "opt-out" choices, on the IIA Web site. Please direct your members to log on to www.theiia.org, and click on Member Profile to access their data.