Menu
​Are companies adequately protecting employee privacy?

​Are companies adequately protecting employee privacy?

Employees do not feel confident that companies are adequately protecting their information.

Employees do not feel confident that companies are adequately protecting their information, according to a study conducted by global IT association ISACA.

Findings claim that only 29 percent of the 546 respondents are ‘very confident” in their enterprise’s ability to ensure the privacy of its sensitive data - in fact, nearly one in five said they have experienced a material privacy breach.

According to survey, the seven key components of an effective privacy program are:

1. Appropriate staffing

2. Positioning of privacy function at a high level in the organisation chart

3. Privacy-protection culture

4. Privacy awareness training

5. Globally accepted frameworks/standards

6. Metrics and monitoring program effectiveness

7. Compliance with data-protection legal requirements

“Organisations with effective privacy programs understand that these programs begin with a system of governance and management, and are supported by a team with defined privacy responsibilities,” says Yves Le Roux, chair of ISACA’s Privacy Working Group, principal consultant, CA Technologies.

Respondents also cite complex international legal and regulatory landscape and lack of clarity on roles and responsibilities as the two main barriers to establishing a successful privacy program.

The most commonly reported privacy failures are a lack of training or poor training, data breach/leakage as well as companies not performing a risk assessment.

However, the survey also identified some bright spots.

More than 9 in 10 organisations have assigned someone to be accountable for privacy, the primary positions given this responsibility are CISOs and chief privacy officers (CPOs) who report directly to the CEO.

Additionally, the majority (76 percent) of organisations provide privacy awareness training to staff.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags ISACACA Technologies

Events

EDGE 2024

Register your interest now for EDGE 2024!

Featured

Slideshows

How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments