Data Privacy Day Is January 28, 2019
By Jodi Daniels
Data Privacy Day. It happens every year on January 28th. Companies around the globe gear up for educating employees on the importance of privacy. It is wonderful that privacy gets its own special day and that it gets its limelight among the myriad of business initiatives. Some companies have games with special prizes, shredding bins, information tables outside of cafeterias, memos reminding employees why privacy is important, and many more activities.
Then January 29th comes around and the privacy tables, games and memos are packed away and employees carry on with their daily activities with privacy slowly slipping to the background.
Data is being collected, used, shared, stored, retained and destroyed daily. In the era of General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Privacy Shield, and increasing global privacy regulation, training employees is not only a “nice to have” for large companies, it is required for organizations of all sizes.
Protecting data is a key component of any privacy program and in 2019, according to the Conference Board survey, cybersecurity is the number one external concern for the c-suite in 2019. The average cost of a data breach for a company, according to the prominent Ponemon Institute, is $3.86 million. As a result, it is imperative that organizations accurately evaluate their security risk posture.
Educating employees and communicating about the importance of data privacy needs to happen multiple times during the year. Perhaps that’s a monthly or quarterly tip series on how to protect data, what relevant privacy laws like GDPR or CCPA mean to someone’s role, and reminding employees how and when to conduct a privacy impact assessment or contact the privacy office.
To be effective, this communication needs to align with the company culture. Maybe it is a funny video or an online game or quiz, a short email from an executive or an article to an intranet. A mix of styles is important to have quality engagement.
According to Shred-It’s State of the Industry report, 47% of c-suite executives and 42% of small business owners report that human error or accidental loss by an employee is the cause of a data breach. Employees are both the strongest and weakest link in a privacy program.
This January 28, 2019 consider extending the knowledge and importance generated on Data Privacy Day into the other 364 days of the year.
About Jodi Daniels
Jodi Daniels is Founder of Red Clover Advisors, a data privacy consultancy that assists companies with GDPR compliance, operationalizing privacy, digital governance and online data strategy.