How not having a privacy program can impact B2B revenue

How many of us take the time to read privacy policies and notices on web sites? If you are in the B2B marketplace it may be worthwhile for you to review a prospect’s privacy information prior to making your initial contact. Why? Many businesses are requiring that their vendors have a privac...

Setting Expectations Through a Privacy Notice

Customers and employees don’t want to be surprised by how your organization uses and protects their personal information. A simple way to avoid surprise is to create a privacy notice that lays out, in easy to understand language, your organization’s approach to privacy.

Facial recognition, familiarity, and the creepiness factor

Several weeks ago there were a number of articles onĀ  British Airways googling their VIP passengers before boarding a flight. This practice allowed BA to step up theirĀ  level of customer service including recognizing these people by name as they arrived. BA could also gather all sorts of personal...

Social Engineering and Challenge Questions

A recent security breach of Apple’s iCloud security resulted in a journalist’s data being wiped out on his MacBook, iPad, and iPhone. The breach was accomplished through some cleaver social engineering. For those unfamiliar with the term, social engineering is the practice of manipula...

Does your staff overshare your corporate private information

Watching the Olympics is a quadrennial event for me. There are sports I like to watch that never get any coverage except when the Olympics role around. This year for some reason I’ve started paying attention to the human interest stories featuring the athletes (something, as a guy, I am loa...

“And you’re sharing my fingerprints with….?”

It is not unusual for me to make assumptions about how my personal information will be treated based on my past experiences. With technology changing as quickly as it does this is probably a mistake. Reviewing a privacy policy or looking for a notice when new technology is introduced is a good id...

Legal requirements, policy & the right thing to do

Ever since I created my first social media account I have been asking myself who is responsible for protecting my privacy. I always come back to the same answer, “I am”. Ultimately, I choose who I provide information to, who I use my credit card with instead of cash, and what I post t...

Don’t ignore the basic good practices

My wife and I have spent the past few days traveling US 95. One night we stopped in a small town in South Carolina to spend the night at a national chain’s motel. With the expected southern hospitality, I received a wonderfully friendly reception from the person manning the motel’s de...

Announcing Privacy Ref

For the past several years I have been working for a Fortune 150 business, leading the enterprise-wide privacy program. I have been fortunate to have a great team working for me and we were able to build a successful program including achieving PCI DSS compliance and Safe Harbor certification for...