Learn how to get everyone in your organization thinking about and caring about privacy.
- A culture of privacy is built slowly over time. Not with a quick decision, or the wave of the CEO's hand. You can't protect against regulatory inquiries, data breaches, and a privacy backlash from customers, if you don't have everyone in your organization working towards a common goal, with a common framework. But, how do you make the leap from a concept, simple idea, about how your company is going to approach privacy, and grow it into a culture that permeates every part of your business? Culture is very little about what we say, and very much about what we do.
If we don't live it, it's never going to play out, as we want. So, how do you help your company act on a daily basis with privacy in mind? First, you need to make it relatable. Too many times I see companies try to get employees to comply with a long set of internal policies around privacy that they test them on, year after year, in compliance training. But, what you hear time and time again, in those companies, is employees not understanding how the policies that they are tested on relate to their day to day job. So, how do you make an amorphous topic, like privacy, easier to understand? Create awareness about the topic, first, through an event that draws a crowd, and shares your message.
Sorry, us lawyers have just failed to make those lengthy documents interesting or understandable. So, you're going to need to do the work of boiling it down to a few key concepts, or phrases. One way to do this, is to create a simple message around your company's approach to privacy that everyone can follow. For example, LinkedIn uses the concept of the three C's, Clarity, Consistency, and Control. These are three words everyone in the company is familiar with and understands what they stand for. Clarity means we say what we do with our member's data.
Consistency means we do what we say. And, control means we give our members control over their data. A concept like the three C's is easy for all employees to understand and act on. Third, share with employees the way in which privacy ties into the overall mission and values of the company. I found the most effective approach here is to have the company President or CEO communicate this directly to the employees. A good way to do this is by having your executive send an email to all employees outlining your companies approach to privacy or having him or her speak to it at a company meeting.
Lastly give employee's clear guidance on the boundaries around how data is collected, used, and stored at your company. Provide training to different to teams to help them understand how to think about data privacy in the context of their role at the company. Make it clear to employees, it is okay to ask questions. And, let them know the privacy team is the one they should go to when need answers. At the end of the day, if you make privacy relatable, and provide a simple and clear mandate for thinking about the issue, you'll be one step closer to creating an awareness of privacy throughout your organization.
In this course, Kalinda Raina, head of global privacy at LinkedIn, shows how to create a successful privacy program by building privacy into the very foundation of your company culture. Learn what privacy is, why it matters, and how to develop a privacy program that serves the interest of not only your customers, but your company as well. Discover how to tie your policies back to your corporate values, enlist privacy advocates from every level of the organization, and build privacy into the product development cycle.
- Privacy regulations
- Assessing your privacy program
- Tying privacy to your corporate mission
- Creating privacy advocates
- Building privacy into your products
- Integrating privacy into the existing business