Irrespective of where
companies are in their
data journey, the end
is not yet in sight. The
innovation, with the
lawmakers in hot
pursuit, will stretch
the journey over many
years. An organization
can never see itself
as having “arrived.”
levels deal responsibly with personal
data. Before you can achieve the
goal of establishing a data protection
culture, you typically require tone at
the top and leadership commitment,
clear policies and internal communications, effective training, measurement and reporting, responsible
interventions, and accountability.
In order to accomplish this, you
need to establish a behavioral change
in the company. The above elements
are stepping stones toward that
change. All of your efforts will be
useless if employees do not embrace
the lofty goal of a data protection
culture. This can happen when
people do not understand the issue,
are unable to digest the e-learning,
and do not know what they should
do differently. Your planned quantum leap in data protection should
not detract you from the importance
of baby steps. These baby steps
are practical tips that explain what
people can do differently every day.
Making a number of small changes
can make a big difference. These
changes include requiring privacy
screens for desktops and laptops,
instilling password discipline, providing guidelines on data carriers
(e.g., USB keys), and emphasizing the
use of VPN and caution with using
public networks, as well as encrypting all devices.
Irrespective of where companies are
in their data journey, the end is not
yet in sight. The ongoing technological innovation, with the lawmakers
in hot pursuit, will stretch that journey over many years. An organization can never consider itself as
having “arrived.” The world is digitalizing and also impacting companies’ vital legal processes, including
digital signature and virtual annual general shareholder meetings.
What if your virtual annual general
meeting gets hacked? Privacy, data
protection, and information security will for many years remain an
area where general counsel and the
in-house legal community can and
should provide valuable support.
General counsel can help demystify
and operationalize a complex issue
and help ensure the company’s continued success.
Data protection belongs to everyone.
It is an integral part of the company’s
business model and a prerequisite for
the company’s long-term success. ACC
HAVE A COMMENT ON THIS ARTICLE? VISIT ACC’S BLOG AT
ACC EXTRAS ON… Data protection
Avoiding the Ethical Perils and Pitfalls of Big
Data (Jan./Feb. 2017).
European Data Protection: New Rules,
a Whole New Game (Sept. 2016). www.
A New Era of EU-US Data Protection: The
Privacy Shield (July/Aug. 2016). www.
EU General Data Protection Regulation
Top 10 Tech Tips for Corporate Lawyers
Big Data – Managing Risk, Compliance,
and Regulation (Oct. 2016).
ACC HAS MORE MATERIAL ON THIS SUBJECT
ON OUR WEBSITE. VISIT
WHERE YOU CAN BROWSE OUR RESOURCES BY
PRACTICE AREA OR SEARCH BY KEYWORD.