How to make your employees aware of the importance of secure information processing

Some organisations are already GDPR compliant; others still have work to do to meet the legal requirements. Compliance requires a set of technical and organisational measures, and there are many step-by-step plans on the Internet to help you with them. Raising awareness among your organisation’s employees is even more important, since 46% of all data breaches occur because employees do not handle sensitive data consciously. How do you make sure this changes within your organisation?

1. Organisational measures

As a CISO, you document a great deal in order to be accountable under privacy legislation. You have to be able to show that certain matters have been arranged: for instance, processor agreements with suppliers, a protocol for reporting data breaches, or a privacy impact assessment when using certain tools and software. You can arrange many of these independently as a CISO. However, introducing new policies, such as one for reporting data breaches, affects other parts of the organisation as well. The organisation should first understand why you are taking these measures and what is expected of its employees.

2. Technical measures

Technical measures are necessary to protect personal data. Think of data encryption, two-factor authentication, or regulating access with entry passes. Sometimes the existing solutions do not fit well enough, so you acquire new ones. The key factor in applying technical measures is the users: your organisation’s employees. If they do not use the technical solution, your organisation still does not comply with privacy legislation.

3. Awareness among employees

To make the organisational and technical measures succeed, you need support among employees: not only from the IT department, but from all employees who process personal data in any way. In our e-book, we explain how you can achieve this in an accessible and effective way.

Get going

As a CISO, you face a major challenge: creating awareness within the organisation. This is crucial. If employees are not fully aware of the implications of processing personal data unsafely, you will keep on firefighting. But how do you start this awareness process? Our e-book answers the question: how do I create awareness about the secure processing of personal data within my organisation?
