When data processing is undertaken jointly, it is important that roles and responsibilities need to be easily and clearly allocated in order to minimize risk to the people and communities represented by the data. These include the obligation to notify when laws are broken, to get require consent for processing, to provide access to data, and to delete. It also requires that users make explicit the decisions behind sharing and communicating. Otherwise, processing may lead to loss of confidentiality, social disadvantage, or accidental deprivation of rights and freedoms to exercise control over one’s personal data.
- Be clear about roles and Responsibilities for Data protection.
- Provide mechanism for person to exercise control over their personal data.
- State clearly what kinds of data (and how much of it) needs to be shared and with who and why it is being shared.