#CyberFLASH: 10 compliance steps to protect personal information and data

cra-data-security-2The adoption by businesses of well-intended and organization-wide social media strategies, cloud-based storage and associated outsourcing solutions can present data protection and privacy challenges.

Notably, with the rapid emergence and wide use by employees of mobile devices such as smartphones and tablets, the challenges become somewhat intensified – particularly in relation to the preservation of an organization’s sensitive and proprietary information, as well as the personal privacy of its employees and customers.

Adoption by organizations as part of an organization-supported bring your own device (BYOD) or similar program, while an enabler for employees, nevertheless can prove detrimental to an organization if not well considered and properly implemented. Embraced by both the organization and its employees, while well intentioned, the program can have dire consequences to each, or both of them, if organizational confidential and personal information are not safeguarded.

It is hoped this checklist will provide some assistance, recognizing that it is strictly a springboard and must be tailored to the particular organization’s data protection and statutory retention obligations.

1. Adoption of a comprehensive personal information and data protection compliance strategy

The organization must proactively ensure that its compliance approach applies throughout the entire organization. This would include all data processing activities that embrace or utilize technologies. In particular, all employee mobile devices that provide remote access to the organization’s standalone, cloud, and third-party managed servers.

2. “Personal information” inventory

Inventory, by way of an audit, the various categories of PI together with their respective database, server, workstation, mobile device, cloud and third-party location(s). Such audit should extend to both hardcopy (specifying physical location) as well as digital format.

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.