What is the GAPP ?
Generally Accepted Privacy Principles (GAPP) is a framework intended to assist Chartered Accountants and Certified Public Accountants in creating an effective privacy program for managing and preventing privacy risks. The framework was developed through joint consultation between the Canadian Institute of Chartered Accountants (CICA) and the American Institute of Certified Public Accountants (AICPA) through the AICPA/CICA Privacy Task Force. It is a component of SOC 2.
The GAPP framework was previously known as the AICPA/CICA Privacy Framework and is founded on a single privacy principle: personally identifiable information must be collected, used, retained and disclosed in compliance with the commitments in the entity’s privacy notice and with criteria set out in the GAPP issued by the AICPA/CICA. This privacy objective is supported by ten main principles and over seventy objectives, with associated measurable criteria.
This solution will provide your organisation guidance on how to gain and maintain compliance with the GAPP.