How To Help Employees Respect Data Privacy
Security and data privacy practitioners mark their calendars every year to recognize Data Privacy Day on January 28. According to the National Cyber Security Alliance (NCSA) Data Privacy Day is “an international effort to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.”
Data Privacy Day is about protecting your privacy (both personal and in business) and protecting the privacy of your clients’ data. Personal information is like money, yet many of us take for granted what happens to our data, how it is used, and where it ends up. Data Privacy Day is all about taking back control of your data and purposefully controlling how it is used by the services you have signed up for and any downstream vendors those apps or services use.
Considering the pandemic, Data Privacy Day takes on an even greater significance in 2021. Hackers have leveraged the uncertainty and chaos of this crisis to increase their attacks. Using pandemic-oriented phishing emails and newer, more sophisticated hacking techniques, hackers continue to exploit the pandemic to their advantage.
Given the heightened risks surrounding privacy and data protection, it is more critical than ever for businesses to get involved – but how? Here’s what can be done to help employees respect data privacy in the workplace.
Foster A #PrivacyAware Culture
Data privacy is good for business. If you take the time to respect client privacy and safeguard your business data properly, it ultimately enables trust. That trust usually translates to more business. 97% of companies have seen benefits like a competitive advantage or investor appeal from investing in privacy.
Now is the time to get your leadership involved and onboard with employing cybersecurity best practices. Start by assessing your data collection practices and understanding which privacy laws and regulations apply to your business. Consider adopting a privacy framework to help manage risk and create a culture of privacy.
Transparency also builds trust – internally and externally. Be open and honest about how your organization collects, uses, and shares personal information in your company privacy policy. Share messages with staff about privacy around the office, while working remotely, on internal message boards, and in company newsletters, or emails. Teach new employees their role in your privacy culture and reinforce it throughout their career.
Privacy Awareness Trainings
Do you follow reasonable security measures to keep customer information safe from inappropriate and unauthorized access? If you collect it, be sure you protect it.
Employees should fully understand why privacy matters. A data breach can not only cripple your business from a financial perspective, but also lead to a loss in reputation and customer trust. Educate your staff about the company’s obligations to protecting personal information and ask them to consider how privacy and data security applies to the work they do on a daily basis.
Here’s a list of additional topics to consider for Employee Awareness Trainings.
Be A Data Privacy Champion
2020 was obviously a challenging year for all of us and protecting your data should remain top of mind during these challenging times. While none of this is easy, taking the time to acknowledge the importance of your privacy and data during Data Privacy Day is a great first step. Review the links in the post or reach out to us if you need some help. Be a privacy champion at your organization, at home, and help others do the same. Stay safe!
Written by: Chris Zambuto | Chief Information Security Officer @CMITBostonCambridge
