Putting Your Data Security Policies into Practice
October 18, 2017
We recently told you about the importance, in many cases the obligation, that businesses have policies in place to protect the company’s sensitive information.
From policies on internet usage to clean-desk policies. They help set the ground rules for your employees to follow to make sure your data doesn’t end up where it shouldn’t be.
But, while you need many policies, and practices they outline. To remain on the good side of with government legislation, in many cases, just having the policy doesn’t mean your company is compliant with the regulations.
Data Privacy Policy Training for Employees
Many government regulations require that employee training includes familiarization with data privacy policies and how each employee is expected to follow them.
And that’s more easily said than done.
Let’s just look at just one way your company might protect information, paper shredding. To get an idea of some of the hurdles you might encounter in getting the point across to new staff.
1. They Need to Know Why as Much as What
The destruction of documents can mean different things to different people. Some might feel if a piece of paper is crunched into a ball and tossed into a garbage can, it’s as good as gone.
Even if they understand that documents must be shredded, some might think that any shredding will do, versus understanding that the document must be shredded in a way that the information on it cannot be recovered.
2. You Can’t Just Tell Them
If all you do is make data security one of the points in their overall orientation. Chances are it won’t stick. In addition to printed policy procedures, creating a corporate video on consequences of not following the policy guidelines. And having the policy constantly available online can help reinforce its provisions and keep it front of every employee’s mind.
3. Follow-Up
Regardless of how good your training is. You need to follow up to make sure documents are being handled and destroyed according to the guidelines of the policy.
It’s your business and your obligation. The more you do to ensure that your employees understand how to protect your sensitive information, and why. The less chance there will be of any data loss or contravention of government legislation.
