Learn to Protect Your Organisation’s Personal Data Technology by Marlon Berry - July 19, 20210 The COVID-19 pandemic has changed the world in unprecedented ways. Nowadays, consumers and investors have reacted by adopting conservative adjustments to their lifestyles. This also has a dramatic impact on organisations across various industries. That said, the importance of participating in PDPA trainings has also become increasingly important. PDPA training is also especially helpful for working professionals who want to update their skills to keep up with the latest data protection trends. Aside from investing in PDPA training, there are also other ways you can effectively protect personal data that’s in your organisation’s care. Now that data protection regulations like the GDPR are in full swing, customer data protection has also become a priority by most organisations. Below are some of the most effective ways you can protect the personal data that’s entrusted in your care. Have a Data Security Plan Your organisation should create, enforce, and update a robust security plan. The plan should include an inventory of various categories of personal data that’s stored, processed, collected, and communicated by the organisation. The security procedures and policies for each data category should also be clearly expressed and defined. The procedure and policies should include the following: Definition of required security measures Identification of parties that are authorised to access the data Description of authorised data uses Actions that should be taken in case of service outages and failures involving computer networks and communications Training programs for employees and other authorised data network users to ensure it is in compliance with the data security procedures and policies The data security plan should also include actions that should be taken in the event of a potential or actual security breach. Defensive measures to prevent or stop the breach Documentation of the breach for remedial and evidentiary purposes Notification procedures for law enforcement authorities Remedial actions that should be taken to repair damage caused by the breach (and to prevent similar breaches from happening in the future Train Employees to Identify and Respond to Scams When the COVID-19 pandemic happened, many scammers capitalised on the goodwill of some people who wanted to help. For example, some individuals and firms are sent phishing emails and are asked to forward them to their friends and colleagues, thereby introducing malware into their IT systems as a result. That said, organisations should communicate similar risks to employees and staff. It is also recommended that current security measures are checked by the IT department to gauge if it is sufficient. When corporate emails are compromised due to phishing, the damage can be substantial and can put the entire IT system in jeopardy. Encrypt Data Data security plans should involve using a strong encryption for sensitive data. Data should also be communicated and stored in encrypted form. When external parties are involved in the data storage purposes, it should be encrypted before it is passed, even if they have an encryption service. Ensure Data is Communicated Securely Apart from using encryption, there are various ways to communicate sensitive data more securely than using the traditional internet-based e-mail. For instance, the “Tor ” system makes use of different computers provided by volunteers in various locations to create greater security and anonymity to email communications. Individual messages are also encrypted and re-encrypted many times by different computers while the message is being transmitted to its destination. This system can also make it very difficult for third parties to access message content and monitor internet communications. This secure data communications system is considered ideal for sensitive content.