Posted in:

Henrik Bornhede On How to Optimize Your Company’s Approach to Data Privacy

Data privacy concerns are everywhere. From growing cybersecurity threats to questions over the future of internet ‘cookies’, there are a lot of moving parts when it comes to modern data security and privacy. And now that more people are working from home than ever before, organizations are starting to pay even closer attention to their internal privacy protocols and culture. 

Fortunately, optimizing your business’s data privacy strategy is much less complicated than it was even just a few years ago. Thanks to growing awareness and a better understanding of this issue, businesses are able to make much more strategic decisions that will ultimately help keep them protected in the long term. 

But where should your business start? It’s helpful to know the basics of data privacy first. 

Understand that data privacy and information security are different

While these terms are two sides of the same coin, they have different meanings. Information security involves protecting your business’s data, while data privacy focuses on protecting the rights of your employees and customers. Both are equally important to maintaining a resilient and compliant company, but the strategies needed to implement them are going to be different. 

Streamline your documentation 

When it comes to documenting your process, strategies, and data, try to avoid redundancies. Work to implement your cybersecurity and data privacy documentation together. This will help keep your information transparent and will provide a much more accessible record in case of a cyber threat or privacy complaint. 

In today’s environment, transparency is everything. Your value as a company is tied to your ability to protect both your employees’ and your customers’ data, and taking the steps to optimize your documentation can help ensure you keep creating that value for people. 

Never stop learning

In order to create a true culture of data literacy and compliance, it’s important to create consistent training sessions with your teams. Multiple studies have shown that employees want to learn new and relevant skills, which means that hosting training initiatives surrounding data privacy and compliance will not only help foster a more knowledgeable culture but will help boost employee engagement as well. 

Respect privacy concerns

This should go without saying, but an important part of your data privacy approach should be respecting the privacy of your employees. Avoid monitoring them with cameras and pre-installed computer software and apps, unless required by law. When people feel like their privacy is respected, they’ll not only respect you as an employer but will be much easier to get on board with your compliance protocols. 

If you do have to collect data from your employees, make sure to be transparent. Explain exactly what it is you’re collecting, who or what team will process that data, and what it will be used for. Missing the mark on compliance can be a huge financial and reputational risk for your organization, so it’s important to bake transparency and accountability into your strategy from day one. 

Be a people person

Teams and employees that work with data privacy and compliance will ultimately interact with every department. For these people, maintaining positive relationships with employees and leadership across different levels is crucial. The more likable and sociable you are, the easier it will be to ensure employees follow through with compliance protocol. Additionally, this will also make it easier for employees to come forward when they have questions or concerns about their own privacy. 

Stay up-to-date with new regulations and privacy trends

New regulations are being introduced every year, and it’s becoming increasingly important that businesses stay abreast of new trends to remain seen as trustworthy. Companies that stay ahead of the game on these new developments are more likely to be able to respond quickly when new regulations demand action. 

Henrik Bornhede, Infosec Consultant

Henrik Bornhede earned a Master’s degree from Stockholm University in computer science with a specialization in cybersecurity. He currently works as an information security consultant at Omegapoint. Bornhede’s experience in IT and info security make him an expert in data privacy trends and other cybersecurity concerns facing many companies today. Based in Stockholm, Sweden, when not consulting clients he enjoys playing chess and staying up to date on current infosec news and trends. 

Follow Henrik Bornhede on LinkedIn to learn more.