Five Mistakes of Privacy Awareness Programs
Privacy has now become a buzzword linked with information security. In fact, the two seem to go hand-in-hand at some companies. And, regulatory requirements now mandate training for employees on privacy as part of the secure handling of customer data.
But the quality of training varies and according to Jay Cline in this editorial in Computer World. Cline is president of Minnesota Privacy Consultants.
He says most companies skimp on training by taking these five shortcuts:
1) Conducting separate training for privacy, security, records management and code of ethics.
2) Equating "campaign" with "program."
3) Equating "awareness" with "training."
4) Using one or two communications channels.
5) No measurement.
But the quality of training varies and according to Jay Cline in this editorial in Computer World. Cline is president of Minnesota Privacy Consultants.
He says most companies skimp on training by taking these five shortcuts:
1) Conducting separate training for privacy, security, records management and code of ethics.
2) Equating "campaign" with "program."
3) Equating "awareness" with "training."
4) Using one or two communications channels.
5) No measurement.
posted by The IT Security Guy at 9:50 PM
1 Comments:
Hi Joel,
I've been reading through some of your blog, and I thought you might be interested in receiving updates from my company. I work at Astaro Corporation, a vendor of integrated security appliances, and we send out company, product and industry news approximately once a week. We cater to SMBs (50-500 users), and we have in the past provided news/info on PCI compliance, spam, green IT, security spending in a tough economy, and other SMB concerns. Would you like to be added to our distribution list? If so, please email me at neckert@astaro.com.
Kind regards,
Nicole
Post a Comment
<< Home