Does the thought of making your organization privacy complaint seem like the last item on your priority list?

Becoming privacy compliant is not an option for most organizations — it’s the law.

Not being prepared with the appropriate policies and procedures to handle your customers’ and clients’ personal information can cost your organization dearly later on in the form of legal services, deteriorating company image, and loss of business revenue.

One of the quickest and most surest ways of becoming privacy complaint is by hiring a privacy lawyer.

The Benefits of Hiring a Privacy Lawyer

Your organization has other options for ensuring privacy compliance. For example, you can hire a privacy officer. However, there are numerous immediate benefits by hiring the services of an experienced legal professional.

Get it Done Right — Right Away

Hiring a privacy lawyer means expertise immediately within your reach. Sure, they may cost more initially, but your organization will benefit by having results that you can count on now.

Developing Policies and Procedures

A privacy lawyer is able to create policies and procedures for the collection, usage, disclosure, and management of personal information that is consistent with your organization’s business processes.

You can rest assured that your organization’s policies and procedures are developed using best practices and backed by a professional.

Understanding Tricky, Cross-Border Issues

Many organizations are large, diverse, and have offices scattered throughout the globe.

For example, your organization may collect personal information from people in Canada, process that information in India where labour is cheap, and finally store the information in a data warehouse in the US.

When personal information crosses borders and is subject to difference privacy legislation, it is vital to have a privacy lawyer review your situation to ensure you are aware of your risks and responsibilities and are compliant in each area.

Responding to Access Requests and Complaints

What happens when you receive a nightmare access request?

A customer who seemingly knows privacy legislation better than the back of his hand is demanding volumes of records containing personal information and is demanding information about how his data is collected, used, stored, and deleted.

On top of that, he’s also threatening to make a complaint with the privacy commissioner if you do not provide a satisfactory response within thirty days.

Are you prepared to handle difficult privacy access requests and complaints?

Mitigating a Privacy Breach

Everyone knows about the financial damage that TJX corporation suffered when it failed to provide adequate security measures to protect the personal information it had collected.

A privacy lawyer can mitigate the chances of a privacy breach which has the power to cripple your organization. If your organization has already suffered a privacy breach, a privacy lawyer can help minimize its impact.

Privacy Training

For larger and more specialized organizations, training privacy officers, employees, and creating educational materials needs to be done properly. Some organizations can simply not afford to make mistakes.

Privacy training done properly will create knowledgeable, trained employees and reduce the risks of an employee making a careless mistake with your organization’s sensitive information.

Contracts

Perhaps the most important, a privacy lawyer can assess, create, or modify your legal contracts to ensure that your organization is legally covered in its business activities when collecting, using, and disclosing personal information.

Finding a Privacy Lawyer

PrivacySense offers a free Privacy Lawyer Directory where you can search for law firms practicing privacy law in Canada. Take a look at the law firms in your area and see what services they have to offer.

Conclusion

Privacy law is relatively young and not fully understood by a majority of businesses. Although hiring a privacy lawyer can seem expensive on the onset, your organization will save valuable time and costs in the long-run and will get started on the right foot by having dependable professional resources from an experienced law firm.

Once your organization has employed the use of a privacy lawyer, continuing to use one can be an ongoing, costly expense. Consider using the resources of a privacy lawyer to properly train a privacy officer you hire to handle the management of personal information in your organization.

One thing every privacy officer should be concerned about is the proper handling of personal information in an organization.

Your organization can spend thousands of dollars on high-tech solutions to protect personal information but all it takes is a careless slip by an employee to cause a massive privacy breach.

This is why employees need constant reminders about the importance of handling personal information properly and why privacy officers need solid ideas to foster privacy awareness in their organization.

Here are some creative ideas for privacy officers:

Write for the Company Newsletter

Most medium-to-large sized organizations have a company newsletter that gets circulated through the office. This is a great opportunity for privacy officers to have a presence and deliver privacy-related information to employees at regular intervals.

Provide Practical Tips

Chances are, many of the employees in your organization manage online profiles such as Facebook. Use this opportunity to show employees how to keep their profiles private and show them what type of personal information they should not share with the entire world.

Show Consequences for Failing to Comply with Policies and Procedures

Policies and procedures are easier to comply with if employees know why they should be following them.

For example, if your organization uses a document destruction policy to instruct employees to shred all paperwork containing sensitive information, you can refer to news stories where employees have contributed to a privacy breach by throwing personal information into a dumpster rather than using the shredder.

Report on Privacy News

Privacy news, especially if it is relevant to your industry, may interest many of your employees. You may choose to provide snippets from articles or rewrite and summarize news stories for your audience.

Mention Changes in Policies and Procedures

A “what’s new” section may be an effective place to remind employees about changes to policies and procedures.

Make Privacy Officers Open and Accessible

Consider publishing the names and contact information of all privacy officers in the organization.

Depending on the size of your organization, you may also consider posting a picture and location of the privacy officers in the office. Employees will feel more comfortable approaching privacy officers if they know who they are, where they are located, and if they are open to questions, comments, and suggestions.

Another thing to consider is having your organization create an email specifically designated for privacy related inquiries (e.g. privacy@yourbusiness.com). This will ensure that employees always remember where to send inquiries via email.

Deliver Introductory and Refresher Privacy Training

Whenever possible, deliver introductory and refresher privacy training in person. This will allow you to meet employees and promote privacy awareness on a personal level.

Write an F.A.Q. Document

After a few years there will be numerous questions that will be frequently asked by employees. Consider creating a Frequently Asked Questions document and putting it online or making it available in hard-copy.