We have four levels of standards related to data privacy: LEGAL STANDARDS which are established by law, order, or rule to compel treatment of certain classes of data; ETHICAL STANDARDS established by industry or professional organizations which see to achieve some level of non-legally binding treatment of information; POLICY STANDARDS, which are our clients and our own internal standards established to guide our treatment of data; and GOOD JUDGMENT, even if some actions are not prohibited by any legal, ethical, or policy standards.