Monday, June 09, 2008

Five Mistakes of Privacy Awareness Programs

Privacy has now become a buzzword linked with information security. In fact, the two seem to go hand-in-hand at some companies. And, regulatory requirements now mandate training for employees on privacy as part of the secure handling of customer data.

But the quality of training varies and according to Jay Cline in this editorial in Computer World. Cline is president of Minnesota Privacy Consultants.

He says most companies skimp on training by taking these five shortcuts:

1) Conducting separate training for privacy, security, records management and code of ethics.
2) Equating "campaign" with "program."
3) Equating "awareness" with "training."
4) Using one or two communications channels.
5) No measurement.


Blogger Nicole said...

Hi Joel,

I've been reading through some of your blog, and I thought you might be interested in receiving updates from my company. I work at Astaro Corporation, a vendor of integrated security appliances, and we send out company, product and industry news approximately once a week. We cater to SMBs (50-500 users), and we have in the past provided news/info on PCI compliance, spam, green IT, security spending in a tough economy, and other SMB concerns. Would you like to be added to our distribution list? If so, please email me at

Kind regards,

2:46 PM  

Post a Comment

<< Home