Most organizations still don’t encrypt data when it leaves the office

keyboard-litupI recently read a news release by the Alberta Office of the Information and Privacy Commissioner that indicated there are still high incidences of laptops containing personal information being stolen—without having security measures such as encryption put in place. The commissioner was left scratching his head.

The commissioner found it odd that organizations would not take the time to properly protect personal information. He stated, “Encryption technology is pretty much commonplace, and it’s irresponsible that an organization would allow this stuff out the door, without ensuring it’s protected.”

The commissioner also commented that these organizations were putting a lot of people on edge, given the potential for identity theft or personal embarrassment. On the same note, when a laptop containing personal information is stolen, the organization faces more work, cost and embarrassment because they have to notify individuals that they lost their personal information, and it might be used for illegal purposes.

I’m wondering: what kind of security measures do you have in place in your organization? What type of physical and technological protections do you have to prevent privacy breaches?

Christina Catenacci
First Reference Human Resources and Compliance Editor

Share

Related Posts

Imagen 1

The new age of workplace gossip – TMI!

I’ve discussed workplace gossip here before, and what bosses can do to prevent it or at least reduce the potential harm, but there are a couple of hyper-modern developments that I didn’t get into: reality television and the Internet. These two things have created a culture of “sharing”, for lack of a better word, that encourages people at play or work to divulge the most mundane and private details of their lives to others—the kind of information that one previously might only have shared with family or best friends.

Adam Gorley

Read more
Imagen 1

Privacy risk management – by design

I’ve discussed the Privacy by Design principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.

Colin Braithwaite

Read more
Imagen 1

Employers discussing employee medical condition with other employees

In general, an employer, manager, supervisor or HR professional discussing an employee’s medical condition with other employees is just plain inappropriate…

Marie-Yosie Saint-Cyr, LL.B. Managing Editor

Read more