Data privacy training kit from CybeReady

CybeReady published the company’s Data Privacy CISO Toolkit as Data Privacy Week is set to arrive in January. Access to the Data Privacy CISO Toolkit is free of charge and offered to support data privacy training this month.

Data Privacy Week was inaugurated by the National Cybersecurity Alliance (NCA) because of the importance of privacy data. The occasion began in the United States and Canada in January of 2008 and is an extension of Data Protection Day in Europe, commemorating the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

Privacy data is sensitive information that organizations or persons desire to keep from being made public, including financial data, healthcare data, or other personally identifiable information that can be detrimental to consumers or businesses if mishandled. The guidance provided in the new CybeReady Data Privacy CISO Toolkit centers on actions that should be taken and precautions that should be followed to maintain secure custody of this sensitive information.

Data Privacy CISO Toolkit published from CybeReady

The guidelines are divided into two categories and designed to help employees while on the job, either onsite or when working remotely. For corporate environments, the recommendations include:

• Data Collection - Corporate employees are advised to collect personal information only for specific, approved purposes such as analytics, operations, or marketing. Inform involved persons of the intended use of this information and secure consent before taking action.
   
• Proper Data Organization - It’s advised to store information in a secure, compliant, and organized way that follows approved guidelines. Seek expert guidance if unsure how to properly handle the information. Revise the storage of this data if current procedures are found to be unsafe or out of compliance.
   
• Information Sharing - Employees should only share private information through secure, compliant, and pre-approved channels. Grant access to personal data only to those with a legitimate business need and through these channels.
   
• Information Storage - Information should be stored only for as long as it is necessary or legally permitted. Employees should archive information using predefined methods that are based on the type and level of sensitivity.

In addition, the Toolkit provides guidelines for social media sharing, as well as web and app browsing practices, to protect employees while on their personal devices.

Employee training on data privacy is crucial for ensuring the security and protection of sensitive information within an organization. It is important for staff at all levels to understand their role in protecting data and to be aware of the potential consequences of mishandling or improperly accessing sensitive information. Therefore, providing employees with the knowledge and skills to handle data responsibly can help prevent data breaches and protect the organization's reputation. In turn, such training assists organizations with complying with relevant laws and regulations, such as the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States.

"It is imperative that organizations today encourage employees to handle sensitive information with the utmost care and attention. Protecting the data of customers, partners, and stakeholders is not only an important aspect of corporate value but a legal requirement that requires compliance. Our Data Privacy CISO Toolkit provides employees with the knowledge and tools they need to handle data responsibly, instilling CISOs with confidence that their employees will manage privacy data appropriately to create a strong foundation for future success," said Eitan Fogel, CybeReady CEO.