Well-defined data protection concept increases acceptance among employees
Category: NachrichtenBy: R. Olschewski - 2B Advice GmbH - the privacy benchmark
Successful data protection requires a high level of acceptance among employees. This can only be the case when the company's data protection concept is clearly discernible. In this sense, it is necessary to make this data protection concept clearly comprehensible and, even more importantly, to optimize internal communications regarding data protection.
This generally requires an experienced team of specialists, who, along with their high level of competency with regards to IT security questions and data protection, are also familiar with the internal communications mechanism and possess a high level of media competency.
The main points of the data protection concept can then be carved out in cooperation with management and the HR and IT departments and communicated through awareness projects.
This, for example, can be done with checklists and formulated instructions to the employees. Special presentations for management and affected employees may also be considered. So-called awareness posters are often displayed on the company grounds.
All in all it can be said that a standardization of the data protection product increases its recognition value. Employees can only identify with the goals and subject matter of the data protection concept when the communication is unmistakable and a clear commitment to data protection is made.
Other tools that may be used to increase enthusiasm about data protection include short films, for example, which can be attached to relevant employee info e-mails to regularly strengthen their awareness of data protection as an issue. Abstract data protection issues can be visualized and made more vivid through such tools. Inappropriate behavior, as well as the consequences it has for the company, are outlined precisely and the goals associated with data protection clearly stated.
Another project, which harnesses the employees' team spirit and increases common awareness, can also be used to internally communicate the data protection concept in a more playful manner. One example of this is the search for a fictional thief (phantom) within the company. This activity points out potential vulnerabilities of the company and challenges employees by predicting violations against the data protection policy that will be exploited within the company. For example: "10 unprotected computer monitors will be discovered over the course of the coming month." This makes data protection a concrete target and increases awareness.
(1217 times viewed)Konzern-Datenschutzbeauftragte