How do you train yourself/team about data privacy and protection?

Shreya R Nambiar
9 replies
Data privacy is huge nowadays. If you run a business that requires you to handle your customers' data in any way, everyone in your organisation will have to familiarise themselves with the data privacy best practices. How do you do it?

Replies

Bogomil Shopov - Бого
Threat Modeling e-book
Data privacy is a must and it's regulated by many laws around the world.
- First, I'll start with reading those requirements on the regional data protection bodies in your country.
- Second, I'll go and see what are the requirements for me as a software builder I need to implement.
- Third: Based on the product, I might visit sites like https://iapp.org/
Those steps provide a good start. Then you need to have a privacy manager/responsible person who you would like to train into a "running privacy related programs" if your company is big or consult with a lawyer to understand what is the minimum action you need to take to satisfy the requirements. Again, data privacy is a must and it can ruin your business if you don't think about it in the beginning of your product journey. Good luck!
Bogomil Shopov - Бого
@shreya_r_nambiar If you have any specific questions, I'll be happy to help.
Kazimieras Melaika
No need to have courses, webinars, or workshops on that I believe. Everything is pretty clear and can be found on the internet. GDPR in Europe, ISO, etc. etc. Everyone already knows all the regulations, at least in our team. Btw, we’re launching in late May. Check out our upcoming PH page: www.producthunt.com/upcoming/eff... Our project is called: Effecto. It’s an app for detailed habits, health, symptoms, and meds tracking. Pretty much for everything that is related to your physical or mental health and every daily factor that can affect you.
Petar Todorovski
@kmelaika I've just subscribed for Effecto, looks promising! In my consulting work, though, I've noticed that many founders are not familiar even with basic concepts such as data minimization, purpose limitation, etc. I am curious, though, how confident are your team members in the GDPR knowledge? I assume that your app processes health data, which triggers the requirements for DPIA, Data Processing Agreements, security measures, makes things about international data transfers quite complex, etc. How do you handle these requirements without a GDPR expert (apologies if I am wrong that you haven't consulted any)?
Miracle Elijah Mambasa
The war against cybercrime doesn't have to be so protracted when it can be snapped in one go - putting personal data & privacy in the hands of the private individual. If we could empower them to do just that, we could eliminate data, privacy breaches & 60% of the world's data centers with their carbon footprint. That's how we at the Decentralized Privacy Team go about it.
morgo port
I stumbled upon your article and decided to leave my comment on this; maybe some of the readers will find my comment useful. I agree that data security is now a very big problem, and for this you should pay attention to "managed detection and response (MDR)" - https://underdefense.com/service... which will keep your company safe and private.
Rachel
With the arrival of GDPR, all employees in our company were required to take and pass an online course about Data privacy and compliance. Very informative. We will soon be launching our new solution Sweego which allows developers to easily send and monitor transactional emails. It's 100% made and hosted in Europe.