IT IS ALL ABOUT PERSONAL ACTION
Putting up some posters, providing an online training and distributing some document with rules to follow is not enough to create awareness.
A user’s privacy awareness level can be seen by describing it as the actions a user takes in a given situation.
- Do they know about any policies governing that activity?
- Do they follow the policy?
- Do they know the risks and act to prevent them from happening?
- What happens when they are confronted with a new situation that is not addressed by the policy?
WHY IS PRIVACY AWARENESS IMPORTANT?
Remember: 98% of all data breaches are a result of a human errors.
Privacy awareness leads to a business culture where customer interest is important. Any contact of an employee with a (potential) customer or external partner will show this culture, giving trust and feeling of being taken care of. Internally, it will boost the cooperation between colleagues, giving purpose and the feeling of working together.
This will not only benefit your business, but also prevent damage to reputation (by data breaches) and possible fines imposed by authorities.
And… it is closely related to security, preventing your business confidential and sensitive information to fall in the wrong hands.
WHAT TO DO TO IMPLEMENT IT SUCCESSFULLY?
To protect the confidentiality, integrity, and availability of personal data in today’s highly networked systems environment requires that all individuals:
- Understand their roles and responsibilities related to the organization and the business interest
Privacy awareness programs impress upon users the importance of privacy and the adverse consequences of its failure. Awareness may reinforce knowledge already gained, but its goal is to produce privacy behaviours that are automatic.
The goal is to make “thinking privacy” a natural reflex for everyone in your organization.
Awareness activities can build in these reflexes both for the privacy professional and for the everyday user.
Given that privacy remains an ongoing concern, it may not be long until the rights established under the GDPR and CCPA spread to all consumers regardless of location.
These regulations represent an important step in the balance of consumers’ right to privacy and the need for organizations to collect information.
A privacy awareness program:
- Combines awareness of privacy with awareness of security
- Uses multiple channels with common sense
- Can change your business culture
- Will benefit your organization and your business
- Doesn’t require expensive external communication experts
But even with modern regulations, one thing remains unchanged:
Protecting privacy is still — and will always be — the responsibility of individuals.
Even the most strict, comprehensive law in the world means nothing if you don’t prioritize privacy awareness and take your privacy into your own hands.