MIS Quarterly Executive


This article presents a four-approach framework for designing a privacy program. One dimension is whether a firm sees privacy as a risk or an opportunity. The other is whether information management initiatives are focused internally or externally. Case examples from the Canadian financial services industry are used to illustrate the framework, and guidance is provided to help organizations use it as a tool to develop and assess their own privacy programs.