Establishing a culture of privacy
Ten years ago, privacy was a new conversation for many organizations. Today, the leaders of most large organizations are talking about it. Boards’ and executives’ top concerns are:Meeting increased regulatory requirementsPreventing or responding to data breachesNavigating the pitfalls and prizes of data analytics
In the age of big data, and growing penalties for data protection fails, any company collecting personal information in any form, from clients, consumers, or employees, needs to be up to speed on privacy compliance. Yet for many organizations, it still isn’t a priority. According to a 2018 federal poll, 50% of Canadian companies don’t have internal privacy policies, and 60% have no data breach protocols.
Privacy compliance can be something of a minefield, where a simple error can have devastating consequences for an organization’s reputation and budget. Unfortunately, the solutions are not simple. Developing a comprehensive privacy program, like any new initiative, means reconciling different perspectives and priorities.
Different Vantage Points on Privacy
Getting Everyone on Board with Privacy
Some key steps towards getting everyone on board with a privacy program:
Ongoing privacy maturity requires buy-in from top-level executives and the Board of Directors, an engaged Privacy Governance Committee, an efficient and respected Privacy Officer, and responsible staff committed to protecting personal information. Ultimately, everyone in the organization is a stakeholder in effective privacy compliance.
This article is based on my book, Privacy In Design: A Practical Guide to Corporate Compliance