While many boardrooms and information stakeholders are understandably focused on trying to prevent – or, sadly, clean up after – a data breach, while also meeting the compliance requirements of the EU’s impending General Data Protection Regulation (GDPR), I think they may be missing a broader and deeper strategy that could help them accomplish both goals and lower other risks as well.
Created a couple of decades ago, Privacy by Design is a set of best practices to help application developers keep private customer and employee information secure. While the focus at the time was limited to how engineers protected data, consider how the following approaches could help organizations create a “culture of privacy” where protecting sensitive and personal information is explicit or implicit in everything we do:
What if we tweaked these best practices – some don’t need to be tweaked at all – and incorporated them into our corporate mission statements, training programs, and the day-to-day activities of every department?