March is FinTech Privacy Month
In our previous article we discussed how privacy laws leave bread crumbs pointing towards a risk-based approach for a total privacy protection strategy.
Indeed, the triad of IT Risk Management, Privacy and Security is crucial for FinTech and larger-sized companies to tackle the many regulatory obligations they have to comply with.
In other words, the privacy risk gap constitutes the “visible consequences” of inadequate IT Risk Management and Cybersecurity & Privacy Risk Management.
But where do you start in order to find these gaps? The Office of the Privacy Commissioner of Canada suggests to look right inside your Privacy Policies – for starters:
The risks in collection, use and disclosure as well as over-collection, retention and over-sharing without appropriate controls adds up rapidly, regardless of which MPC Privacy Quadrant your organization falls in.
There are several things in common for all these findings, but one that resonates throughout the policies is the human factor. Having adequately trained and knowledgeable personnel to understand these gaps and how to interact with the business to bring awareness to their practices plays a very important role in reducing your privacy risks identified by the OPC or other regulators.
How is your organization equipped to demonstrated Accountability today? Have you quantified your gaps and privacy risks from your privacy policies and do you understand the impact to employees and consumers?
Do you have roles and responsibilities defined for privacy in your organization? To find out more: contact us or download our Practical Privacy Playbook to find the best resources for your privacy risk gaps.
For additional insights, certified expertise and a unique risk-based technology platform: