Unless this is your first day in compliance, you probably know that the number of data compromises (breaches, leakage, and exposure) keeps growing, year after year. 📈 According to Statista, there were over 3,200 data compromises in the year 2023 (a new record), impacting over 353 million individuals. The industries most vulnerable to breaches include healthcare, financial services, and manufacturing, although no industry is untouched. It's easy to become numb to the sheer number of data breaches.
Another day, another breach. | Source: Sony Pictures The King of Queens via giphy
With the growth in breaches, there’s also an increasing number of events to highlight the importance of privacy, among them International Data Privacy Day, Safer Internet Day, National Clean Out Your Computer Day, National Cyber Security Awareness Month, Computer Security Day, and Choose Privacy Week. (Side note: We’ve highlighted many of these in our 2024 Compliance Events calendar. If you haven’t already downloaded yours, get it now. 🤫)
Source: TLC’s Kate Plus Date via giphy
Do you need to teach your employees about the importance of privacy? Heck, yes! Do you need to do so during one of the days or weeks mentioned above? Nope! In fact, you should be discussing privacy—or at least creating privacy awareness—with your employees year-round, as nefarious actors are always drumming up new ways to get information.
And we’ve got the goods to help you do just that! Broadcat has 70 tools to help you teach your employees about the importance of privacy and their roles in it. I’ll share some of them with you, as well as some other ways to highlight the importance of privacy to your employees, so you can stay out of the news and focus on your mission.
Your employees
Your employees are the most important aspect of your privacy program. One employee letting their guard down for one minute could compromise the privacy of all your customers, patients, employees, and other stakeholders. Here are some of my favorite pieces, which you can use to kick off a mini-training campaign, and then continue leveraging for year-round compliance learning.
- Our short Want to collect customer data? video includes the five W’s and sometimes H of collecting personal data. 📼
- How to protect our data from imposters helps your employees identify some of the tactics imposters use and how to verify if things are legit. 🚧
- Notify Privacy when mistakes happen shows your employees that it’s not only okay to reach out to the Privacy Team—it’s encouraged—and gives examples of when to reach out. 💫
- Is this personal data? helps anyone working with information know whether it’s considered personal data. 💻
Looking for another idea? Team-wide conversations are another great way to share helpful info about data breaches, especially when those conversations cover breaches in industries similar to yours. When (not if!) a breach occurs and is relevant to your industry, have small group discussions about what went wrong and how it could have been prevented—and apply that learning to your own processes.
Looking for a quick win? Check out this old (but still good!) blog post, which includes a couple ideas you can implement immediately. (Remember: a quick win does not equal holistic privacy training. But it’s a start. ⭐)
Your employees’ personal data
You can also help your employees identify and protect their own personal data. Think about it: If they're dealing with their own personal privacy crisis, they'll be more distracted and more prone to making privacy (or any!) mistakes on the job. Here are two ideas based on activities I did in a former role during our privacy week:
- Our social media pro offered to consult one-on-one with staff, review their social media accounts, and recommend privacy settings. Most of the employees who participated were shocked at how much info they were unwittingly sharing—and as a bonus, it made them more aware of privacy issues as a whole.
- Our shredding vendor donated extra bins during privacy week for our employees to bring in personal documents from home. The week was so successful that the vendor offered to leave extra bins for a month! If you don’t have a shredder at home, you know what a pain it is to box up your materials and bring them somewhere—this made it easier for employees while sending the message that we cared about corporate and personal privacy.
One of the most important things you can do as a compliance pro is to keep privacy front-and-center at your org. But there is one exception: If you want us to help, please don’t keep THAT info private! Give me a shout and I’ll strategize with you to make privacy a priority all year long.