Tuesday, August 6, 2019

Creating a Forward-Looking Privacy Policy

Privacy policies should be reviewed once a year, at the same time each year.  After each yearly review, it needs to be mandatory that it be shared with all employees, who must acknowledge (through a click) that they understand and will abide by the policy.  Preferably, the policies should be presented as a mandatory on-line course with a test all employees must pass.

The main way that the policy can be made forward-looking is by requiring that all information kept on customers can be segregated on an individual basis.  In other words, if future privacy laws by a particular government affect a certain subset of information (for example, specifically social security numbers) then it will be much easier for the company to implement if their forward-looking policy had made allowances that individual data segments can be selected for special handling.

© 2019 Praveen Puri 

Praveen Puri is the Strategic Simplicity® expert who has delivered over $400 million in value. He helps clients "weaponize" simplicity and bridge the gap between strategy and execution. Visit PuriConsulting.com