Menu
​Are companies adequately protecting employee privacy?

​Are companies adequately protecting employee privacy?

Employees do not feel confident that companies are adequately protecting their information.

Comments

Employees do not feel confident that companies are adequately protecting their information, according to a study conducted by global IT association ISACA.

Findings claim that only 29 percent of the 546 respondents are ‘very confident” in their enterprise’s ability to ensure the privacy of its sensitive data - in fact, nearly one in five said they have experienced a material privacy breach.

According to survey, the seven key components of an effective privacy program are:

1. Appropriate staffing

2. Positioning of privacy function at a high level in the organisation chart

3. Privacy-protection culture

4. Privacy awareness training

5. Globally accepted frameworks/standards

6. Metrics and monitoring program effectiveness

7. Compliance with data-protection legal requirements

“Organisations with effective privacy programs understand that these programs begin with a system of governance and management, and are supported by a team with defined privacy responsibilities,” says Yves Le Roux, chair of ISACA’s Privacy Working Group, principal consultant, CA Technologies.

Respondents also cite complex international legal and regulatory landscape and lack of clarity on roles and responsibilities as the two main barriers to establishing a successful privacy program.

The most commonly reported privacy failures are a lack of training or poor training, data breach/leakage as well as companies not performing a risk assessment.

However, the survey also identified some bright spots.

More than 9 in 10 organisations have assigned someone to be accountable for privacy, the primary positions given this responsibility are CISOs and chief privacy officers (CPOs) who report directly to the CEO.

Additionally, the majority (76 percent) of organisations provide privacy awareness training to staff.

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags CA TechnologiesISACAsecurity

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments