That one big after-Christmas task which creates surprising privacy issues
It’s that strange time between Christmas and New Year, when everything goes quiet and hardly anyone’s around. It’s one of our favourite moments, because it’s a great time for taking stock. You can have a breather, look back at 2020 and forwards to 2021.
And if you’re a parent, you’ve got one of the great post-Christmas chores to look forward to. You’ve got to jot down who gave what to your child or children, and get ready to chivvy them into writing all those thank you notes.
At ISMS.online, we’re not just infosec specialists. We also help organisations sort out their privacy information management systems, or PIMS. And because we’re very PIMS aware, all those present lists set us thinking about privacy management.
Thank you lists create privacy challenges
After all, they’re full of Personally Identifiable Information, which is the kind of info a PIMS protects. They list the individual gift-givers by name. And you might have added postal or email addresses too, to help the thank you note writer send their grateful missives.
They’ll list each present too, which can tell you a lot about the giver’s relationship with the present’s recipient. That can be surprisingly sensitive information.
Take Cousin Dave for example. He gave 16-year-old Holly a Duplo farm set. He clearly hasn’t seen her for ten years or so, so hasn’t registered that she’s grown up a bit. At least he has a strong sense of family duty! But maybe have a quiet word before next Christmas?
And if you’re feeling tactful, you won’t let everyone know how wrong he got this year’s present. That’s when you’re thinking like a privacy manager. You’re safeguarding the sensitive information you hold and only sharing it constructively.
Every family has its own approach to privacy
Of course, every family handles that kind of thing in its own way. Some families might hate the thought of embarrassing poor, well-meaning Cousin Dave. The Duplo set will Never Be Spoken Of Again. Others might think it’s the funniest thing ever, and tell everyone about it.
And that’ll cover a lot of other subjects too. What’s completely unmentionable in one family will be happily shared in others. In effect, every family creates and follows its own set of privacy regulations, or chooses to live up to a particular privacy standard.
That too is the kind of challenge privacy managers have to deal with. Globally, many new privacy regulations are under development or already in force. GDPR is perhaps the best known, but other national and international examples abound.
If you’re managing privacy for your organisation, you’ll have to keep a close eye on which ones might apply to you. And of course you can complement your regulation-driven privacy efforts by going for ISO 27701, the global standard for PIMS creation and management.
Yes, we’re privacy obsessives. But hey.
It’s the obvious conclusion. We looked at a list of Christmas presents and saw a PIMS challenge. But that’s a good thing, because it means we obsess about our clients’ privacy as much as (if not more than) our own. And that’s great for them.
But there is one thing we want to be very public about. 2020’s almost done. So we want to wish you the biggest, loudest HAPPY NEW YEAR we possibly can! We hope you have the best possible 2021, in your public, private and every other capacity imaginable.