We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Data Privacy Week was inaugurated by the National Cybersecurity Alliance (NCA) because of the importance of privacy data. The occasion began in the United States and Canada in January of 2008 and is an extension of Data Protection Day in Europe, commemorating the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.
Privacy data is sensitive information that organizations or persons desire to keep from being made public, including financial data, healthcare data or other personally identifiable information that can be detrimental to consumers or businesses if mishandled. Guidance provided in the new CybeReady Data Privacy CISO Toolkit centers on actions that should be taken and precautions that should be followed to maintain secure custody of this sensitive information.
The guidelines are divided into two categories and designed to help employees while on the job, either onsite or when working remotely. For corporate environments, the recommendations include:
? Data Collection – Corporate employees are advised to collect personal information only for specific, approved purposes such as analytics, operations or marketing. Inform involved persons of the intended use of this information and secure consent before taking action.
? Proper Data Organization – It’s advised to store information in a secure, compliant and organized way that follows approved guidelines. Seek expert guidance if unsure how to properly handle the information. Revise the storage of this data if current procedures are found to be unsafe or out of compliance.
? Information Sharing – Employees should share private information only through secure, compliant and pre-approved channels only. Grant access to personal data only to those with a legitimate business need and through these channels.
? Information Storage– information should be stored only for as long as it is necessary or legally permitted. Employees should archive information using predefined methods that are based on the type and level of sensitivity.
In addition, the Toolkit provides guidelines for social media sharing, as well as web and app browsing practices, to protect employees while on their personal devices.
Employee training on data privacy is crucial for ensuring the security and protection of sensitive information within an organization. It is important for staff at all levels to understand their role in protecting data and to be aware of the potential consequences of mishandling or improperly accessing sensitive information. Therefore, providing employees with the knowledge and skills to handle data responsibly can help prevent data breaches and protect the reputation of the organization. In turn, such training assists organizations with complying with relevant laws and regulations, such as the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States.
“It is imperative that organizations today encourage employees to handle sensitive information with the utmost care and attention. Protecting the data of customers, partners, and stakeholders is not only an important aspect of corporate value, but a legal requirement that requires compliance,” said Eitan Fogel, CybeReady CEO. “Our Data Privacy CISO Toolkit provides employees with the knowledge and tools they need to handle data responsibly, instilling CISO’s with confidence that their employees will manage privacy data appropriately to create a strong foundation for future success.”