Zivver achieves DCB0129 status for NHS Clinical Safety Risk Assesment
Tip 1: Make sure the policy is clear
What information do you need to send securely? Through which channel and with what security? Employees want to do things the right way, but don’t want to have to reinvent the wheel per situation. They have other things to tend to! So give them a clear overview of all the types of information your organization shares. Add a roadmap for each type. This should clearly explain what information to share in what way. Place this clear overview on your intranet, share it via email, or hang posters. Choose software that supports employees in making the right choices. Preferably software that shows employees exactly what is happening. This is how they can keep increasing their understanding of personal data and the associated risks.
Tip 2: Make it easy for the receiver
There are quite a few tools available that allow you to securely share information. However, most solutions force recipients to take all sorts of extra steps. For example, they must first install an app, create an account, or click a large amount of times before they can read your message. That is not what your recipients need. That is why you have to provide a solution that makes it possible to share information securely, without burdening the receiver with additional hassle. The employee that shares the information will also find this a reassuring thought.
Tip 3: Make sure all contact information is complete
In other words, make sure the receiver doesn't have to install anything extra. However, to be sure that shared information arrives safely, you sometimes take extra measures. For example, you send an authentication code to a mobile number, or decide on a password together. To do this, you need information from the recipient beforehand. Make sure that you get that information when speak to the recipient. For example, when registering a new client, instantly ask for the email address and mobile phone number and verify this immediately with a test email and SMS. Do different employees communicate with the same recipient using a password? If so, make sure that everyone uses the same password. This takes work off the recipient’s hands. This can also be done with automated software.
Tip 4: Make secure sharing the most engaging experience
'You can receive your data in two days via mail, or in one minute via a secure mail. What do you prefer?'. Recipients sometimes do not see the need for secure communication. Especially if they have to do something extra for it themselves. This often changes quickly as you briefly and clearly explain the benefits. You can have this added to your message automatically. There is no doubt that there will still be recipients who do not want to cooperate or ask for additional information. To anticipate this, provide your employees with a few strong arguments with which they also satisfy these critical recipients. You will, of course, also refer to the legal obligation and the threat of a penalty.
Tip 5: Make sure you can take action if something goes wrong
You can do a lot to prevent mistakes. Unfortunately, no solution or organization can fully prevent a data leak. That is why you have to know exactly what to do if it does go wrong. Use tools that make help you intervene. Before you can intervene, you first have to know what went wrong. When this is clear, you immediately know what to do to limit the damage. For example, there are tools that block access to a sent email. They also give you an overview of who already viewed the email and attachments at that time. This helps you to limit the damage and to provide Data Privacy Authorities with a detailed report.
Zivver can help you with all the 5 tips above!
Everything you need to know about secure mail
This blog emphasizes how human error can have serious consequences for your organization. There is more you can do to prevent human error and keep your email secure. For more information, visit our Secure Email page below.