Data privacy musts while working from home

To mitigate the spread of the pandemic, Enhanced Community Quarantine was nationally mandated and has disrupted many industries. Companies turn to Work From Home (WFH) and Lock Down operations, while the others come to a full halt.

For some, their employees turn to extended periods of connection through work-issued and personal devices in unmanaged networks. This need for business continuity has also fueled the use of various unsecured communication platforms for virtual meetings, document sharing and collaboration. Furthermore, IT departments supporting Business Continuity initiatives have been reduced to skeletal forces making it especially difficult to manage privacy and security issues that may arise.

These scenarios heighten an organization’s vulnerability to privacy negligence and security breaches. It is in these difficult times, the active role of Data Protection Officers is significant.

In support of our Data Protection Heroes, here are a few tips and reminders on upholding an effective data privacy culture.

1. Educate/Remind your employees about Data Privacy
Issue company guidelines and policies that ensure employees are aware and knowledgeable of their roles and accountabilities in preventing acts of negligence in managing data privacy. Data privacy is not a concern limited to the workplace nor the Data Protection Officer, after all.

2. Ensure Updated and aligned Privacy Statements
Connect with key contact persons, review current initiatives and align existing privacy statements in all proprietary mediums (such as your company website, client applications, community, etc.), to ensure proper coverage of existing daily operations and emergency-related initiatives.

3. Review and Update your Privacy Impact Assessment (PIA) Keep positive and enjoy a cup of coffee with your increased spare time while social/physical distancing by reviewing and updating the contents of your Privacy Impact Assessment. As we venture through these times toward the new normal, it is also best to prepare visibility and review existing practices, processes and gaps ahead of expected operational changes.

4. Be Vigilant When Communicating with External Parties
Authorities, entities, and individuals may persist on getting access to your database of personal information to pursue and expand their COVID initiatives and attempt to justify them using the pandemic’s urgency. Although unfortunate and inconvenient, the pandemic is not an excuse for organizations to disregard the rights of their Data Subjects.

5. Keep your Breach Management Team on Stand
By The conditions of daily operations and management pose increased likelihood to for security breaches to happen. Ensure that breach management team and their corresponding procedures are ready and execute drill sessions whenever possible, to ease crisis management for when unwanted cyber security breaches and hacks occur.