Skip to main content

Data Privacy Day - Tip #3 - The weakest link??

My lunchtime speaking engagement was at the International Association of Privacy Professional's Boston KnowledgeNet. I had the pleasure to share the panel with Mike Spinney from Six-Weight (www.sixweight.com) and identity theft guru Robert Siciliano. We had a spirited discussion about privacy training and awareness. You can access their blogs in the panel to the right.

Our conclusion -- People are one of the weakest links in information security: employee negligence or wrongdoing is among the most common causes of security breaches.

Implement and train employees to follow formal information security policies that protect the private information of employees and customers.

Limit the number of people who have access to and/or handle confidential documents. Be careful when hiring new employees and perform full reference checks and, where warranted, ask new hires to sign confidentiality agreements.

Privacy awareness is as important as training and it should be continuing education.

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.