Compliance Tips for 2016

I recently had the opportunity to write an article for CMSWire discussing my data privacy recommendations for this year.

With data breaches making the news almost every week, it’s important for organizations to implement a solid data protection strategy and ensure compliance with either regulatory or organizational policies. With Data Privacy Day (an international event dedicated to creating awareness about the importance of privacy) right around the corner, now is the perfect time to get started improving data privacy and protection. My advice is to take these steps toward properly securing your data.

1. Ask Not for Whom the Bell Tolls

Don’t think a data breach can’t happen to you – take a proactive approach to data protection so your company isn’t in the next data breach headline.

2. Hire a Chief Privacy Officer or Data Protection Officer

Data breach incidents will continue to rise, as will the related costs. Designate someone in your organization who is responsible for spearheading development of policies and ensuring compliance with privacy practices.

3. Get Ready for the Cloud

Many organizations are moving data to the cloud, but not all are taking the necessary steps to ensure data security in that space. Before migration, understand what types of data you hold so you can take a risk-based approach to storing it in the right place.

4. Help End Users Do the Right Thing

Create and implement policies that make it easy for employees to work properly with data. Use a privacy impact assessment to evaluate how well employees know these policies and whether they’re following them. The International Association of Privacy Professionals (IAPP) distributes the AvePoint Privacy Impact Assessment (APIA) System, a free tool to help you evaluate the privacy implications of your IT systems.

5. Set Enforceable Policies

When developing organizational compliance policies, make sure they can be measured, monitored, and enforced.

To get the rest of my compliance tips for 2016, read the full article on CMSWire.

To learn more about the mission of Data Privacy Day, visit Stay Safe Online.

Dana S.

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise