
Your data privacy strategy and your employees

Your data privacy strategy can make or break your business. High-profile data breaches hit the news almost weekly. The Ponemon Institute has found that a data breach can cost a company an average of $3.9 million. Reputational damage adds insult to injury, as one breach can tank your company’s stock price by 5%.

For small and medium businesses, these are sobering numbers. We all need to rethink our data privacy strategy before a data breach occurs that could literally cause us to close up shop. 

None of us want to become one of these statistics. Here is one more you should consider when reviewing your data privacy strategy: 

88% of data breach incidents are caused by employees’ mistakes, according to researchers from Stanford University and a top cybersecurity organization. 

annual revenue or €20M potential fine
potential loss in stock value
breaches caused by employee error

That means your employees' actions present (by far) the biggest risk of a data breach, along with all the fines and problems that come with it.

If you are a business owner or DPO, you are probably familiar with new privacy regulations and the risks and cost of non-compliance. You may have even drafted a data privacy strategy.

But what about your team? 

Do they understand and follow new data privacy rules?  

Where do they store company data? 

Make it personal

Employees who understand the importance and stakes of data privacy are more prepared and willing to follow your privacy management policies. 

A personal information management app (PIM app) can help.

Using a PIM app will educate your employees about their personal data rights. It also makes it easy for them to protect their own personal data. Since company data often makes it into both work and personal emails, they will be protecting your data at the same time. 

PrivacyWallet makes your data privacy strategy personal

Educate and reinforce

Employees should be familiar with consumer rights and be aware of risky data sharing behaviours like password reuse/sharing.

Microsoft estimates that around 73% of people use duplicate passwords for their accounts. That’s risky business since it’s been found that eight in ten (81%) hacking-related breaches are achieved with stolen or weak passwords. 

Your employees also need to develop habits that protect data and support your data privacy strategy, like data minimisation and cautious sharing and clicking. 

Keeping all data shared and stored minimal, tidy and protected is a habit that transitions smoothly from work to home and back again. 


Find and protect personal and company data

When employees use personal email accounts to conduct business, company data may be sent to mail servers anywhere in the world. This leaves it outside the protective umbrella of your security systems.  

Using personal email for work poses serious risks.  It can expose you to IP theft, intellectual property loss, customer privacy violations, and disruption of network operations. 

Many companies let employees use their own devices. This can be convenient and save money, but it can also expose company data to risk of: 

  • Password theft or loss  
  • Malware attacks 
  • Lost or stolen devices 
  • Improper mobile management 
  • Shadow IT and more

Perhaps it is not the company policy for people to work on their own devices or send emails from their personal accounts. But it may still happen. 

That’s why protecting your employees’ personal emails and devices should be a high priority right along with protecting company systems.  

A PIM app can help your team:

Track and minimise the personal (and business!) data they may have shared with other companies.  

Build awareness. Seeing how many companies have their personal data can be a wake-up call. It will help employees see the importance of protecting customer data. 

Learn about privacy rights while managing their own data by making privacy requests to companies. 

Practice keeping data tidy and organized. Good habits start at home. 

Get targeted training on how to spot phishing, what to be aware of when sharing/linking and much more. 

Share data securely with other companies in a transparent way (e.g., when on consultancy assignments or anytime an employee shares data). 

Keep their own data safe with zero-knowledge encryption that protects all user data to ensure it is only visible to the user.  

Each employee can track their own data as part of your data privacy strategy

See that you value their privacy. Show your employees that you care about their privacy. In turn, they will care more about your customers’ privacy. 

Create a privacy-first culture

Creating a privacy-first culture from top to bottom is key to successfully implementing any data compliance/privacy strategy. 

Send all your employees a free link to download PrivacyWallet. They will learn to protect their own data and increase their privacy awareness. Help everyone in your organization develop habits that minimise privacy risk, both at work and at home. 

Sebastian Allerelli

Governance, Risk & Compliance Specialist