The concepts and principles specified in the DataGuard Energy Data Privacy Program Voluntary Code of Conduct were created by industry stakeholders and establish a framework for common practices that protect the access, use, and sharing of customer data. The DataGuard voluntary code of conduct specifies high-level concepts and principles that must be addressed by an adopting company when developing their data privacy policies. DataGuard establishes an outline or model for companies that includes questions to be asked and areas to be addressed. Providing the outline without specifying exact implementation details allows companies the flexibility to implement DatatGuard in the most appropriate manner for their company.
Key tenets of the DataGuard Energy Data Privacy Program include:
- Consumer Notice and Awareness: Customers should be given prior notice about privacy-related policies and practices.
- Customer Choice and Consent: Customers should have a degree of control over access to their own Customer Data.
- Customer Data Access and Participation: Customers should have access to their own Customer Data and should have the ability to participate in its maintenance.
- Integrity and Security: Customer data should be as accurate as reasonably possible and secured against unauthorized access.
- Self-Enforcement Management and Redress: Enforcement mechanisms should be in place to ensure compliance with the foregoing principles.
The DataGuard program is an industry-developed, self-regulated code of conduct for data privacy, and participation in the DataGuard program is voluntary. Companies that adopt DataGuard must publicly commit to its adoption and address the concepts and principles specified in the code.