1.1 This model code describes the minimum requirements for the protection of personal information. Any applicable legislation must be considered in implementing these requirements.
1.2 This Standard may be applied to all personal information. Provided the minimum requirements are met, organizations may tailor this Standard to meet their specific circumstances. For example, policies and practices may vary, depending upon whether the personal information relates to members, employees, customers, or other individuals.
1.3 The objective of this Standard is to assist organizations in developing and implementing policies and practices to be used when managing personal information.