Task 2: Education


Task 2: Education

There are two levels within the company that must be constantly aware of privacy issues, constraints, and laws: senior management and front line employees. First, it is important that senior management understands the company's privacy limitations. In our company several practices or behaviors could be identified as tempting, but risky. Senior management has to recognize those behaviors and agree early in the game to avoid them. Every time a privacy issue comes up, I am confident that senior management will respond according to the rules. They know what they can and cannot do. I have tried to make them understand where our greatest risks are and why we have to adopt a policy that protects information, rather than disclosing it. If senior management doesn't understand the issue, then a lot of energy is wasted as managers create information-sharing plans (or plans that have information-sharing as a by-product) that have no possibility of coming to fruition. This could be a plan to sell customer lists or a plan to arrange for software maintenance. When members of senior management are educated about privacy issues, they can recognize problems that arise and tell someone "no" early enough in the game.

Second, we must also focus on those employees who actually deal face-to-face with customers. They must understand the rules, so when they confront an issue, they know instinctively what information should be protected. There aren't many people in between these two levels who can actually mishandle information, although mid-level management can certainly hatch ideas that would, if unchecked, lead to trouble.

Beyond that, the challenge has been to get everyone in the company to understand the spirit and the intent of the law. Everyone, but especially senior management and front-line employees, needs to know what kind of information and which documents are supposed to be protected, so they can instinctively conform their behavior to comply with the law. That, to me, is the greatest challenge - we need people to understand the spirit of this law well enough that they don't have to stop and think very hard, and if they do have to stop, they will quickly know the answer. Furthermore, when the insurance examiner comes to check on our compliance, our employees should know what they are supposed to do and demonstrate that they understand the rules and that they are actually complying. The greatest challenge is making sure that everyone who is supposed to know the rules does in fact know the rules.




The CTO Handbook. The Indispensable Technology Leadership Resource for Chief Technology Officers
The CTO Handbook/Job Manual: A Wealth of Reference Material and Thought Leadership on What Every Manager Needs to Know to Lead Their Technology Team
ISBN: 1587623676
EAN: 2147483647
Year: 2003
Pages: 213

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net