5 practical tips for sharing personal data securely

Sharing privacy-sensitive data does not have to be complex. These five practical tips can help you make the way in which your organisation shares personal data a lot more secure.

 

Tip 1: Make sure the policy is clear


What information do you need to send securely? Through which channel and with what security? Employees are keen to do things well, but don't want to reinvent the wheel for each situation. They have enough other things on their mind! So provide them with a clear overview of all the types of information that your organisation shares. Add a step-by-step plan for each type. It must clearly state which information you share, in what way. Place this clear overview on your intranet, share it via email or put up posters. And choose software that supports employees in making the right choices. Preferably software that shows employees exactly what is happening. That helps them continually improve their understanding of personal data and the associated risks.

 

Tip 2: Make it easy for the recipient


There are a large number of tools available that allow you to securely share information. However, most solutions force recipients to perform all kinds of extra actions. For example, they first have to install an app, create an account or do a lot of extra clicks before they can read your message. This is not something most recipients are keen to do. Therefore, make sure you have a solution that makes it possible to share information securely, without burdening the recipient with additional hassle. This is also good for the employee to know who is sharing the information.

 

Tip 3: Make sure that all the contact information is complete


So make sure that the recipient does not have to install anything extra. But to ensure that shared information arrives securely, you sometimes take extra measures. For example, you send an authentication code to a mobile number, or agree on a password. For this you need information from the recipient in advance. So make sure you get that information as soon as you speak to the recipient. When creating a new customer, for example, immediately request the email address and mobile phone number, and immediately check these by sending a test email and text message. Do different employees communicate with the same recipient using a password? Then make sure everyone uses the same password. Fewer things to worry about for the recipient. There is also software that automatically arranges this.

 

Tip 4: Make secure sharing the most attractive experience


You can receive your data in two days by post or in one minute via a secure email. Which would you prefer? Recipients sometimes do not see the necessity for secure communication. Particularly if they themselves have to do something extra for that. This often changes quickly when you briefly and forcefully explain the benefits. You can add this communication automatically to your message. Undoubtedly, there will still be recipients who do not want to cooperate, or ask for extra information. For these situations, provide your employees with a few good arguments, with which they can also satisfy these critical recipients. Then of course you also refer to the legal obligation, and the threat of a fine.

 

Tip 5: Make sure you can act if something goes wrong


You can do a lot to prevent mistakes. Unfortunately, no solution or organisation can completely rule out a data breach. You must therefore know exactly what to do if things do go wrong at some point. Use tools that make intervention easier. Before you can intervene, you must first know where things went wrong. Then you immediately know what you have to do to limit the damage. For example, there are tools that can block access to a sent email. And which give you an overview of who has already viewed the email and attachments at that moment. This helps you to limit the damage, and to send a specific notification to the Dutch Personal Data Protection Authority.

 

Discover how a large hospital is successfully sending emails securely


Data leaks can result in reputation damage and a hefty fine. However, it always takes time to get new software working properly, and a flexible implementation depends on a great many factors. That's why it's nice to know that other organisations have successfully completed this process. Annemiek Knipscheer (ISO) explains why and how SJG Weert is now using ZIVVER. What are her experiences with secure emailing, and the implementation?

Go to the client case of hospital SJG Weert

RELATED
Sending_or_receiving_credit_card_data_via_email_while staying_PCI_compliant

Sending or receiving credit card data via email while staying PCI compliant

To prevent cardholders’ information from falling into the wrong hands, the Payment Card Industry Data Security Standard (PCI DSS) was established to hold organizations to a common standard for securing cardholder information against unauthorized exposure and exploitation. […]

Read more
We_are_happy_to_introduc _ou _new_VP_of_sales_Chris_Brown_ZIVVER_eng_blog_update

We are happy to introduce our new VP of Global Sales: Chris Brown

"ZIVVER is entering new markets at high speed. We intend to lead in those markets. With Chris, we bring in a senior leader who has done this before multiple times. We love that he is not ‘just’ about sales. Chris has a deep, hands-on understanding of the problems our customers face and of the market space and a very inspirational and credible leader for our fast […]

Read more
We_are_happy_to_introduc _ou _new_VP_of_sales_Chris_Brown_ZIVVER_eng_blog_update

We are happy to introduce our new VP of Global Sales: Chris Brown

"ZIVVER is entering new markets at high speed. We intend to lead in those markets. With Chris, we bring in a senior leader who has done this before multiple times. We love that he is not ‘just’ about sales. Chris has a deep, hands-on understanding of the problems our customers face and of the market space and a very inspirational and credible leader for our fast […]

Read more
Cloud_based_office_support tools_that_are_U.S._rooted_fail GDPR_complianc_ZIVVER_Eng_blog

Cloud-based office support tools that are U.S. rooted, fail GDPR compliance

It is estimated that the U.S.A. supplies 80% of the global cloud computing services. And nearly all most-used cloud-based solutions for email and word processing are from the US. This causes a big issue for European companies using these vendors since they are not GDPR compliant. This is the conclusion of a research performed by the Swedish National Public Procurement […]

Read more
Cloud_based_office_support tools_that_are_U.S._rooted_fail GDPR_complianc_ZIVVER_Eng_blog

Cloud-based office support tools that are U.S. rooted, fail GDPR compliance

It is estimated that the U.S.A. supplies 80% of the global cloud computing services. And nearly all most-used cloud-based solutions for email and word processing are from the US. This causes a big issue for European companies using these vendors since they are not GDPR compliant. This is the conclusion of a research performed by the Swedish National Public Procurement […]

Read more
Idans welcome blog (2)

We are happy to announce our Chief Technology Officer: Idan York.

Idan will be responsible for vision outlining and implementation of technological strategies that align with ZIVVER’s expansion objectives. […]

Read more