Avoid Privacy Mistakes


Can being overly helpful and multi-tasking cause you to make privacy mistakes? The short answer is yes.

Most of us are focused on meeting the needs of internal and external clients. How can this be a bad thing?

Sometimes when trying to complete a task, we may be providing excessive information. The less information is exchanged, the lower the risk of a privacy incident. The opposite is also true. Unknowingly, with well-intended reasons, we may provide more personal information than is required. If that information is provided to unauthorized individuals, a privacy infraction may be the result. Over-collection of data may not only result in a privacy incident, but potential legal action by federal and state entities, or civil suits, for failure to follow your organization’s promise to customers.

We’re all busy and find ourselves multi-tasking to meet deadlines.

All of us at some point have opened multiple system windows. The more system windows you have open increases the possibility of a privacy incident. You might enter information on the incorrect screen causing a data error.

Not paying attention to sending email is another common slip-up. Many email clients store past email addresses. This can increase the chances of a mistake as you may use the incorrect, auto-filled email address and not double-check the recipient’s name. A wrong transmission can lead to privacy issues.

Sometimes we may be in a rush and transmit data without using proper encryption or data protection steps. We may find ourselves in these situations when technology is too difficult to use, the recipient cannot read encrypted transmissions, or you have not been adequately trained.

Mistakes happen. Slow down. Minimize data. Truncate, mask, or scramble data as a way to lower risk. Get training from IT. Ask if you don’t know.

For more information, refer to the Privacy Policy, Data Classification Policy and Guidelines, Data in Transit Policy, and the Technology Workshops calendar.


About Author

Senior IT Risk Analyst, Information Security and Assurance | Fordham University A Certified Information Privacy Professional/United States (CIPP/US) and Privacy Manager (CIPM) privacy professional who is a versatile and creative writer, fusing a background in communications and academics with expertise in business writing to deliver quality, customized material spanning technical, marketing, policy, and social media content. Creative, resourceful, and flexible, able to adapt to changing priorities and maintain a positive attitude, strong work ethic, and humor.

Comments are closed.