Privacy Ref Blog

Your staff needs to be “privacy aware”

When it is all said and done, no matter what policies you put in place, no mater what procedures you define, no matter what documentation has been written to support your privacy program, it is worthless unless your organization’s staff is knows that these tools exist making them “privacy aware”. Here are a couple of horror stories:

You can find regulatory violations, brand damage, and direct lost business in these cases. In each of these situations either the person executing a process or the person who had created a process was not aware of the privacy issues being created. By stepping up privacy awareness efforts these situations could all have been avoided.

Please understand that I am not suggesting that everyone needs to be a privacy expert conversant in the nuances of the laws and industry regulations. However there is a need for employees to be “privacy aware” enough of your company’s privacy policy and practices when they create new policies, procedures, or provide training to newly hired employees.

There are several ways to improve privacy awareness that I will be discussing over the coming blog entries, but what approach do you have that you are willing to share?

Privacy Ref provides consulting and assessment services to build and improve organizational privacy programs. For more information call Privacy Ref at (888) 470-1528 or email us at info@privacyref.com

Posted on September 24, 2012 by Bob Siegel
Tags: , ,

« »

No Responses

Comments are closed.


« »

Subscribe to our mailing list

Please fill out the form below.

Required

Want to find out more?

Simply go to the contact page, fill out the form, and someone from Privacy Ref will be in touch with you. You can also send an email to info@privacyref.com or call (888) 470-1528.

News

April 16, 2018

IAPP Training Classes
Privacy Ref is proud to announce that we are an official training partner of the IAPP. You now have the opportunity to learn from one of our knowledgeable privacy professionals using the most respected training content in the industry. The robust interactive training offered, aids in the understanding of critical privacy concepts. The contents of the courses are integral to obtaining your privacy certifications and to educate your new team. Learn more here.

Latest Blog Posts

April 30, 2018

Defining GDPR for Non-Privacy People
During the IAPP’s most recent Privacy Summit, I was approached with an interesting question. “I am a privacy professional and I know why GDPR is important. I know about the fines and requirements for compliance, but few others at my company do. How do I explain GDPR to my colleagues effectively?” I responded with a quick and simple answer that probably did not cover all the bases, so I wanted to write up some deeper thoughts on the subject. Continue reading this post...

Breach Notification and Follow Up
Unfortunately, it is a given that as an organization you will receive a notice from a third party that they had an incident or breach that may have compromised personal or sensitive employee or customer information.  A majority of the breach laws require immediate notification or notification within a 24hr to 48hr timeframe, not including notification times from a contractual perspective. The question then becomes what does the third party need to provide, the level of assurance in order for an organization to re-establish connectivity and/or to use third-party moving forward. Continue reading this post...

Other Recent Posts

PRIVACY REF