AvePoint
Resources Blogs The Shocking Truth Behind Privacy Policies in the Enterprise

The Shocking Truth Behind Privacy Policies in the Enterprise

author
calendar07/23/2014
clock 2 min read
feature image
I recently had the opportunity to discuss the current state of privacy policies and how to make them more effective for an article on TechRepublic. In a world where online privacy is of utmost importance, consumers often do not meet companies halfway by reading privacy policies advertised on websites. Why don’t we take the time to even glance through them, but instead blindly click accept? It’s simple: We avoid reading the lengthy, jargon-filled content so we can begin using the service we downloaded, bought, or installed as quickly as possible. In the article, I highlight four distinct causes and effects surrounding privacy policies:
  • Consumers don't read a website's privacy policy.
  • If consumers attempt reading the website's privacy policy, most fail to understand the details.
  • Website owners want to eliminate all possible liability, meaning privacy policies are loaded with legalese.
  • Website privacy policies may not represent what the company is actually doing.
So how we begin to reverse this trend and create a more honest, transparent privacy policy process? Because of the high rate of data influx, most companies should look at software tools to help identify risks and provide real-time solutions when it comes to assessing customer data privacy. From experience, I have learned that does not mean just any software. The software should have the following attributes: Say it: After establishing information privacy policies to ensure the security of sensitive or regulated content; be sure your selected process is in accordance with U.S., international, and vertical-specific compliance regulations. Do it: Determine the risk severity of the captured data using advanced risk calculators. Look for a software tool with options such as highlighting areas that violate the specified compliance standards or guidelines as well as providing multiple perspectives on potential risk. Prove it: Prove policy compliance with ongoing monitoring, detailed reporting, and incident tracking. Effective tools produce detailed reports of preventative and corrective actions taken to ensure content is uploaded, stored, classified, and secured in accordance with information governance policies. To read more about the lack of honesty in the relationship between companies and their customers when it comes to privacy policies, please visit TechRepublic. To learn how AvePoint Compliance Guardian allows you to say it, do it, and prove it, please visit our website.
author

Dana Simberkoff

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She oversees a global team of subject matter experts who monitor industry trends, emerging technologies, and best practices in risk management and compliance. Dana also provides strategic guidance on product direction, technology enhancements, customer challenges, and market opportunities, partnering closely with internal and external executive stakeholders. Dana is an industry leader, previously serving on the Education Advisory Board for the International Association of Privacy Professionals (IAPP) and as a founding member of the Women Leading Privacy Advisory Board. Dana has been featured in the Wall Street Journal, Forbes, Security Magazine and more, and is consistently recognized by organizations like IDC and CSO as an influential woman in cybersecurity. Dana holds a Bachelor of Arts degree from Dartmouth College and a Juris Doctor from Suffolk University Law School.

AvePointcomplianceCompliance GuardianData Privacy