How much of your reading takes place online these days? How do you get your news? When was the last time you picked up an actual newspaper?
Have you noticed recently that every website has these notes about cookies? It is all to do with that little word security and attempts being made at a governmental level to offer us some protection. Little surprise then that there are plenty of advisors in the realm of governance risk and compliance.
But the consequences of a data breach or even just losing data are massive. Ironically, the consequences affect you and any fines levied are not going to make it back to the pockets of the people whose data has been lost, but that’s a topic for another day.
Most companies use external consultants for this type of work ensuring that their security measures are up to date and compliant. There are a few really good reasons. Firstly, keeping a security and compliance Tsar on staff tends to be the prerogative of the bigger companies, the ones with additional money.
Also, these are complicated issues and to make matters worse, the ground is always shifting. Just keeping up to date with the requirements on how long you can keep data is a headache in itself. It’s a bit like painting a bridge, the minute you have finished, you have to restart because the rules changed again.
Getting the advice of an organization who can ensure your compliance and who is au fait with the current rules and regulations is probably the best start for a mid-sized company who has a concern about their compliance.
We all know you have to let people unsubscribe, but there’s considerably more to the topic than that.