(from “The E-Privacy Imperative--Protect
Your Customers’ Internet Privacy and Ensure Your Company’s Survival
in the Electronic Age,” by Mark S. Merkow and James Breithaupt (AMACOM
2002)
1. Review your current privacy policies. Are
they sufficient to address the concerns of your customers? If not, determine
if you have the resources in-house to create your policies; if not, consider
looking for outside help.
2. Educate your employees about the importance
of privacy matters both to the customer and the company.
3. Understand current and pending state and federal
privacy legislation that might affect your operation. Vigilance is the
byword here.
4. Consider hiring a CPO if your organization
is large enough and can afford what should be a highly visible management
position.
5. Review the security of your systems. Privacy
is not just about policy and legislation. It also means protecting your
data from both internal and external threats.
6. “Mystery shop” on your own site
by planting data about fictitious customers with mailing addresses and
e-mail IDs that you can monitor to see if information leakage is occurring.
7. Keep up with international laws that may affect
your business, including the Safe Harbor provisions and OECD (Organization
for Economic Cooperation and Development) directives for information privacy
and security.
8. Subscribe to consumer protection services
(like BBBOnline) and join organizations that focus on consumer issues
related to privacy.
9. Participate in seal programs to help assure
your customers that you’re serious about their privacy concerns.
10. Because technology won’t stand still,
revisit each of these steps at least annually to maintain a strong privacy
posture.
Back to Merkow interview
|
