Data Protection Day
Data Protection day is aimed at raising awareness of data protection issues and to promote privacy and data protection best practices.
Organisations that fail to keep personal data safe are at risk of losing the confidence of their customers and stakeholders and risk long term reputational damage. At a time when data protection issues and security breaches have been subject to intense media focus in recent months, this is the perfect opportunity to put data protection issues at the forefront.
Why not consider ways that you could raise awareness of data protection issues within your organisation. For example:
- Have your staff received data protection training? This is a key tool in ensuring staff are aware of their responsibilities. It is good practice to have induction and periodic refresher training. Today may be the perfect day to check whether more training is required.
- Are you confident that your premises are secure? By preventing unauthorised access you reduce your risk of personal data falling into the wrong hands. Requiring staff to wear identity badges, swipe card access and dedicated areas to meet confidentially are all good practice steps which could easily be adopted.
- Do you have a retention policy in place? Does the policy relate to physical and electronic records? Does it identify retention periods for different types of records and who is responsible for destroying the records.
- Significant enforcement action is taken because of lack of encryption. Why not check that all your portable devices are encrypted?
- Why not monitor your data protection policy's effectiveness? For example, if you have a clear desk policy, perform a check to ensure compliance. This is a good way to highlight any problems and addressing any issues arising.
Whilst Data Protection Day only comes by once a year do not let that stop you from ensuring your organisation reviews its data protection practices from time to time to ensure that you follow best practice at every opportunity.