Quote

"Personal information controllers should protect personal information that they hold with appropriate safeguards against risks, such as loss or unauthorized access to personal information, or unauthorized destruction, use, modification or disclosure of information or other misuses. Such safeguards should be proportional to the likelihood and severity of the harm threatened, the sensitivity of the information and the context in which it is held, and should be subject to periodic review and reassessment."

Document

APEC: Privacy Framework, para. 28

Download Document

Privacy Framework

English

Summaries

Personal data controllers should ensure data accuracy and protect personal data from unauthorized disclosure, loss, modification, or other misuses.