Employee security awareness training is a best practice and a “reasonable safeguard” for protecting the privacy and security of an organization’s sensitive data. The list of data privacy and cybersecurity laws mandating employee data protection training continues to grow and now includes the EU AI Act. The following list is a high-level sample of employee
Developing a Privacy and Cybersecurity Training Program for Employees
Increased remote work due to the COVID-19 pandemic has only exacerbated privacy and cybersecurity concerns, and likely has not changed the finding in Experian’s 2015 Second Annual Data Breach Industry Forecast:
Employees and negligence are the leading cause of security incidents but remain the least reported issue.
A more recent state of the industry
Survey Finds Healthcare Workers Understand Security Measures But Still Share Sensitive Information Through Non-Secure Email
According to reports on a recent survey, the vast majority of healthcare workers share sensitive medical information using non-secure email. The survey, conducted by Kickstand Communications, reportedly found that 87% of healthcare workers surveyed admitted to this practice. These results echo other reports finding that employees and others with access to an organization’s confidential information
Are You Covered?
The New Jersey State Bar Association recently met to discuss, among other things, our favorite topic: Cybersecurity. (Perhaps our esteemed Privacy, e-Communication and Data Security Practice Group chair was there….) We wanted to briefly mention two critical points discussed:
- Critical Point #1: The biggest risk out there is employees. We employees click on