- For Home
- For Work
HP is among the most trusted companies More than 99% of permanent employees completed privacy training in 2012
People rely on information technology (IT) to manage many aspects of their daily lives. When they use IT, they expect their privacy and personal information to be protected. HP takes this responsibility to our customers very seriously. In the age of the Internet, protecting privacy can be a challenge. The ubiquitous use of personal information makes products and services more personalized, convenient, efficient, and widely available. However, it also makes personal information vulnerable to misuse.
Many privacy laws were created before the widespread use of the Internet, and regulators are struggling to keep pace with emerging technologies. HP is closely involved with governments and regulators worldwide to shape new privacy policies and frameworks. We support global interoperability between regional frameworks, such as European Binding Corporate Rules (BCR) and APEC Cross Border Privacy Rules (CBPR), and encourage collaboration between nations and regions to promote relevant, well-defined, and principles-based approaches.
"For nearly a decade, Ponemon Institute research has shown HP as one of the most trusted companies throughout the world for privacy and the protection of personal information. Maintaining a high level of trust among consumers, business customers and other stakeholders is a daunting task, especially in today's digitally connected world. Further, striking a balance between good privacy practices with growing demand for more and better data about consumers and customers is very difficult to achieve. Finally, HP's truly global footprint requires it to comply with a proverbial "patchwork quilt" of privacy and data protection regulations that appear to be in a state of rapid change in all major regions of the world."
"I believe HP has the ability to confront and withstand challenges that would otherwise diminish its privacy commitments to consumers, customers and other stakeholders. What impresses me the most about HP's privacy program is its exceptional team of privacy experts and strong, positive leadership by the company's chief privacy officer. I'm impressed with HP's ability to integrate good privacy and data protection practices into its core business processes throughout the world. I'm also impressed with HP's ability to align privacy program objectives with the company's core values and strategy. In short, when it comes to honoring its privacy commitments, HP is one of the few companies that walks the walk."
"Despite the many accomplishment made by HP's privacy team to date, it is clear that technology changes – such as the rise of smart devices, cloud computing, virtualization, social media and big data – can potentially impact the company's positive privacy culture. It may be helpful for the company to establish an external advisory counsel to help the privacy program to navigate through potential technological changes that might impact privacy and the stewardship of personal information. Members of the advisory counsel should represent a cross-section of leaders from the privacy community, information security experts and technologists. Another optional suggestion would be for HP to conduct and publish an independent audit of its privacy program and related commitments to stakeholders."
With the advent of technologies such as cloud computing, social media, e-commerce, cookies, and smart mobile devices, issues surrounding privacy and data protection matter now more than ever. HP's rigorous data privacy programs and practices are evidenced by, among other recognition, the acceptance of its Binding Corporate Rules by the European Data Protection Authorities.
The motivating factor in these efforts, says Daniel Pradelles, HP's Privacy Officer for Europe, Middle East, and Africa (EMEA), is trust. "Today, with the close relationship between the individual and the Internet, it is very important that we keep the trust of the data subject, or individual citizen, and ensure that his or her data is handled in the right way."
This requires not only complying with an evolving set of laws, but also continuing to meet heightened user expectations in this area. Daniel works to ensure that HP does both through the company's accountability approach to privacy.
"We advocate that companies should act in a responsible way, often exceeding minimum legal requirements, and also account for a range of other important factors. HP is one of few companies seen as a thought leader in regards to safeguarding privacy," he says.
In addition to working internally, Daniel also helps HP to have a broad impact on the global privacy agenda, with regulators and the industry, in the EMEA region and worldwide. He meets regularly with European Union privacy officials to build partnerships and shape best practices. Europe has some of the most stringent privacy protection regulations globally, with privacy codified as a fundamental human right in the EU charter.
Daniel also coordinates with his Privacy Officer counterparts in the Americas and Asia-Pacific and Japan regions on efforts to bridge differences in privacy laws and regulations across borders. This is essential to implementing global interoperability, a framework to responsibly manage worldwide flows of data.
Daniel believes that the importance of privacy to HP and its customers will only continue to grow. "In terms of global citizenship, respect for individual privacy is essential," he says. "And as technology becomes even more widespread, data protection will increasingly become a critical business requirement, which is why staying ahead gives us a competitive advantage."
HP's privacy strategy is based on providing transparency and choice to our customers. We create a chain of accountability for data privacy and security throughout our business and apply Privacy by Design in the product development process.
The HP Privacy Accountability Framework represents our comprehensive approach to helping employees assess and manage the risks associated with collecting and handling personal data. This helps us meet customer expectations and ensures transparency in our practices. The framework goes beyond legal requirements and also takes into account our company values, ethical considerations, contractual agreements, and local cultures. HP continues to pioneer and advocate accountability in new regulatory models worldwide to address new challenges.
HP teams work together to implement and monitor our privacy program. In 2012, more than 99% of permanent employees completed privacy training as part of our required Standards of Business Conduct course, which now includes an HP Privacy Advisor (HPPA) module. Employee in functions that routinely handle personal information, such as human resources, marketing, and client services, receive additional privacy training specific to their role.
Since 2008, our Privacy Office has worked with international regulators and industry groups through the Centre for Information Policy Leadership on a multiyear project to define what it means for a company to be accountable for its privacy practices.
The first three phases of this work identified the essential elements of accountability, defined ways to measure accountability, and developed the governance model that companies should adopt to implement accountability in the marketplace. In 2012, the fourth phase, sponsored by the EU Data Protection Supervisor's Office, focused on the specific components of a comprehensive program that companies need to establish and how to demonstrate the capacity of that program to external parties. This work continues with a focus on accountability as a foundation for global interoperability.
For complete information regarding HP's approach to privacy, please refer to our 2012 Global Citizenship Report. We also provide data and goals information for all of our Global Citizenship efforts in the Data Dashboard.
- Human rights
- + - Supply chain responsibility
- HP People
- + - Social innovation
- Economic impacts