So you are working from home, juggling staff, virtual visits, kids, partners and Amazon orders, all while still in your pyjamas from the waist down. Privacy is the last thing on your mind.
Should it be? Well, maybe not. Our situation is not about to end any time soon, and there are some elements of work that will stick with us into the future - like home-based work. If you read my last blog, I highlighted how for me, this is a “gap” year. My focus is on a long-term vision, and a consideration of the work I do now contributing towards that. Privacy and working from home would fall into that category. So I asked one of our Architects, Amanda Bowdridge, to reflect on privacy and our times. Here is what she shared:
Privacy is not about compliance; it is about commitment. It is about a commitment to keep the information of others as private as you would want your own – or more so! This is something that is even more of an issue as we are now working in new environments where we live and play, and feel safe. Home is safety, so we don’t always consider how the information, conversations or work we do might not be safeguarding others in a way that honours that commitment to privacy.
If I were to suggest a few “easy to do” steps to enhance your privacy practices, I would suggest:
1) Make sure you are talking to the right person: Ask them to verify their identify. People are used to confirming this when contacting their financial institution’s and should expect that their identity should be verified each virtual visit with their care provider. Ask them the show their Drivers Licence via the web camera or to confirm their contact information along with emergency that you would have on their file.
2) Keep your workspace secure: It can be easy to develop a false sense of security while working at home. Be sure to take extra steps to protect and secure people’s personal information when you are working remotely. Secure your home network and devices with strong passwords and consider the use of locked drawers for sensitive information.
3) Encrypt Sensitive Data in Emails and on Your Device: Emails will always have some risk when using them for sending/receiving sensitive information. To help mitigate some of that risk you can encrypt the information. There are many tools available to send secure email.
4) Complete or update your Privacy Impact Assessment to reflect these times: While a Privacy Impact Assessment (PIA) may be legally required in many jurisdictions, it is also a very practical safeguard. A PIA identifies risks and the strategies in place to mitigate them. The end document is helpful, but it is really the process that acts as an administrative safeguard for organizations.
So – that is Amanda’s input. As you consider her suggestions, what are some ideas that resonate for you? For more on this topic we are offering a free webinar on how to manage privacy in this time, and what you can do to update your PIAs. Check it out here