Promoting Data Privacy in your Organization

Also known as information privacy, it is a branch of cybersecurity involving data security to properly handle the collection, storage, dissemination and destruction of information contained within an organization and shared with any partners or third parties.

The first step to ensuring your organization follows laws and regulations, and is up-to-date on all mandates, is to assess your data collection practices. Ensure you have documented procedures on what data is collected and how it is managed. This includes understanding the data flow and ensuring appropriate controls exist around where data is stored and how it can be accessed or distributed.

Ensure the terms of service and privacy agreements for your organization are easily accessible and available for review. Then verify the actions taken by employees follow the agreement and have documented procedures to guide those actions.

Educate Employees

Creating a company Privacy Policy for your organization, and ensuring your employees read and acknowledge it is key. This policy should be readily available for employees to reference, and include contacts for further information.

Fortalice can work with your organization to understand the recommendations and control requirements that are best for your organization and industry. Adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business processes. Fortalice recommends using these Privacy Frameworks:

• • For additional information on Fortalice Solutions's service offerings, contact Fortalice Solutions via email at watchmen@fortalicesolutions.com.