How should data privacy and security be integrated into accounting ethics?

• A. Protect client and company data, comply with privacy laws, limit data collection, secure handling, and disclose data governance practices in governance and reporting.
• B. Data privacy concerns are separate from accounting ethics and do not affect disclosure decisions.
• C. Privacy compliance is the sole responsibility of legal and IT departments, not accounting.
• D. Protect data, comply with privacy laws, minimize data collection, secure handling, and disclose data governance practices in governance and reporting.

Answer: (D)

Data privacy and security must be embedded in accounting ethics because accountants handle highly sensitive information and have a duty to protect confidentiality, maintain data integrity, and act with professional responsibility. The strongest approach combines protecting data with complying with privacy laws, aggressively minimizing the data collected to what’s truly necessary, ensuring secure handling and storage, and openly disclosing how data is governed in governance and reporting. This shows commitment to ethical standards, legal compliance, and transparent governance, which together build trust with clients, stakeholders, and the public. If privacy were treated as separate from ethics, or relegated only to legal or IT teams, the accountant’s fiduciary duties and confidentiality responsibilities could be overlooked. Simply focusing on limiting data collection without the broader emphasis on minimization, security, and governance disclosure would leave gaps in ethical practice and transparency.