One of the legal documents required for the formal incorporation of an ecosphere community of interest (CoI) is the Policies and Procedures (P&P). The P&P establishes a set of principles and policies that serve these principles, in order to achieve the CoI's long-term goals (i.e, the purpose as stated in its charter). The P&P defines specific methods/procedures employed to express these policies in action: detailed rules and guidelines to control the activities and Data Retention Policy of the organization. In the US, some policies are concerned with human resources (HR) issues (e.g., Health Insurance Portability and Accountability Act (HIPAA), or data protection1) and security), a direct response to the General Data Protection Regulation (GDPR), Data Protection Act 2018, or the California Consumer Privacy Act (CCPA).
The intent of the P&P is to influence and help formulate all the major decisions and actions of the organization. All activities within the organization are to take place within the boundaries set by the P&P. 2) Procedures are specific methods outlining the steps required to fulfill the policies on a day-to-day basis within the organization. Together, policies and procedures help the Governing Body of an organization meet its mission and goals.3)
One of the larger policies that is often required by the Governing Body granting incorporation are the human resources policies, especially those concerning health and human safety.