Can Working Remotely Affect Your Privacy Program?
I believe it can and here's why.
If you’ve been following recent news, a large technology company recently told all of its employees that, starting in a few weeks, they are expected to work in the office and not remotely from home. Much less press was given to a large electronics retailer who was one of the first major companies to implement a very flexible work schedule, but has now given their employees a similar message, that their flexible, work-from-home life is ending.
Look at the impact of your work environment on privacy.
As privacy leaders, we are likely among the most visible people, touching more parts of our organization than almost anyone else. Think about that for a minute: Most of your non-privacy peers work with similar people within their department or workgroup. Finance people work with other finance people, same for HR, customer service or sales. One might argue that your friendly IT support person sees everyone at some point, but they tend to be focused on getting your computer working and not much else.
But we actually work with all of these groups, securing customer, employee and research data, along with corporate documents, trade secrets and new and existing products and services, sometimes long before they are publicly released.
And now for my point: Other than working with your IT group to create the procedures around securing data for your remote employees, you may not have quite the same relationship with people whom you rarely see in person. I’m a walker—I often grab a coffee and walk around the office. I see people; we share a smile or wave while they are working. Sometimes we have hallway conversations about work or personal things. And I learn an amazing amount of what is happening in the organization this way. More recently, I stopped eating lunch in my office, using that time to catch up on industry reading and the Daily Dashboard (shameless IAPP plug), and started eating in the common area. Same result as walking around: I have almost daily conversations with people with whom I’m not currently working on any projects.
Or so I thought, until I hear, “I was just about to call you! We are about to start this new project, and I want to know your availability to talk with the team.” And my experience is that my theory is likely correct: The more contact you have with your peers, the more you will learn about their upcoming projects—and earlier—than you would through the official channels. And doing so in-person is easier than remotely.
I am sympathetic to those people who are impacted by these changes to their work environments, but if you look at it in a different way, you might find that it’s helpful to your efforts to protect your organization’s data and for you to be leading that effort.
Feel free to share your experiences in the comment section.
About the Author
Allen Brandt, CIPP/US, CIPP/E, CIPM, is corporate counsel, data protection and privacy, and chief privacy official for GMAC, which owns the Graduate Management Admission Test (GMAT), an exam delivered to prospective graduate business students in 111 countries worldwide. He provides legal guidance and counsel on U.S. and domestic consumer privacy issues, creates data protection policies and procedures, responds to privacy inquiries and leads the privacy training program. In addition, he monitors compliance with the council’s marketing programs and oversees the filing of international data processing applications and notices.
Brandt is a member of the California and Missouri Bars and is a Virginia corporate counsel.