Did you know there's an entire day dedicated to data privacy? Well, it's an important subject, so it's no wonder. Here's the scoop!
Data Privacy Day is an international holiday that occurs annually on January 28. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. It is currently observed in the United States, Canada, Israel, and dozens of European countries.
It began as a day focused on educating young people – mostly teens and young adults – about how to be safe online and keep their personal information safe with social networking platforms. Over the past four years with more elements of our lives being digitized, Data Privacy Day has expanded to include companies and consumers and the more general concerns with data privacy.
Data Privacy Laws
With the U.S. at the forefront of new data privacy laws being recently passed or under review in various state legislatures, data privacy is a popular subject as of late. This year's theme for Data Privacy Day is also quite timely given the focus on the value of data as recognized by the California Consumer Privacy Act (CCPA) and General Data Protection Regulations (GDPR). The theme is: Personal information is like money. Value it. Protect it.
Today is a great day to remind your employees that data privacy is a key player in the way you conduct business. As part of CCPA compliance, your employees should already be trained in your privacy policies and how to handle customer individual rights claims, but today is a great day for extra attention and some refreshers.
Data Privacy Employee Training Tips
- On-going education. Don't let today be the only time you talk about data privacy this year. Create a monthly or quarterly tip series on how to protect data, what relevant privacy laws like GDPR or CCPA mean to someone’s role and reminding employees how and when to conduct a privacy impact assessment or contact the privacy office.
- Test data privacy scenarios. Based on employee roles, present them with a data privacy scenario and see how they handle the issue. According to Shred-It’s State of the Industry report, nearly half (47%) of C-suite executives and 42% of small business owners report that human error or accidental loss by an employee is the cause of a data breach. Employees are both the strongest and weakest link in a privacy program. And, thanks to CCPA and other regulations, those breaches can result in penalties above and beyond real-life costs.
- Use signage as reminders. You can create attention-grabbing signage to put in the break room, on the elevator, in the bathrooms, or other frequented spots with tips and updates to your data privacy policies and practices. Be sure to change their locations and content to keep them fresh and employees engaged with the information you are sharing.
- Create a recognition system. Use this as an opportunity to recognize the employees who really understand and implement your company's data privacy practices day in and day out. You can recognize a few people each month or quarter in a company-wide email. You can create an on-going system in which employees could earn 10 points for every week in which they do not commit any data privacy errors. After collecting 50 points, they could earn rewards like a $5 gift card for coffee. Make the amount of points work for your team, budget, and the recognition frequency you want to maintain energy around data privacy.
- Communicate effectively with employees. Data privacy regulations are fluid with more states joining the CCPA way of thinking. Keep your team up to date with any changes or additions to their practices. To be effective, this communication needs to align with the company culture. Maybe it is a short funny video or an online game or quiz, a short email from an executive or an article to an intranet. A mix of styles is important to have quality engagement.
- Bring in an expert. Your employees may get tired of hearing about data privacy from you or another superior, so change it up a little! Host a lunch and bring in a data privacy expert. Learning about the subject from someone new who has more credentials on the subject can re-excite people about data privacy. Plus, free lunch never hurts!
Make Everyday Data Privacy Day
It’s important to remember that data privacy policies and practices are not something you can just think about once and year and then forget about. Continually make this part of staff meetings and company-wide communications. Be sure you are on top of any updates and changes that are made in national data privacy regulations. And, above all, remember that data privacy should be a driver in your business strategies in 2020 and beyond.
If you'd like to discuss how to make data privacy an integrated part of your company's day-to-day celebrations, please schedule a 20-minute complimentary consultation. We’d love to help you make everyday Data Privacy Day!