Quick Tips for Communicating About Privacy Issues Within Your Organisation
Cookies, aggregated data, dark patterns, and ransomware are just a few of thousands of privacy-related terms that non-privacy professionals may not be familiar with. The fields of privacy and data security are rife with jargon that needs to be widely understood for privacy policies and procedures to be followed. Yet, overall, communicating about privacy issues isn’t often done well:
- Customers don’t tend to understand privacy policies.
- Employees are still one of an organisation’s greatest privacy threats.
- Management teams are slow to adopt a privacy-centric approach, instead continuing to approach privacy as a compliance checklist task.
Improving Communications About Privacy Issues
The way privacy and the associated issues and benefits are communicated can change how your stakeholders, partners, employees, and customers view privacy at your organisation.
To communicate effectively, you need to overcome the barriers your audience faces in digesting the information you give them. The most common barriers to understanding privacy issues are:
- Understanding privacy-related jargon.
- Making time to understand the privacy issues.
- Determining the real-world implications of privacy issues.
By overcoming these barriers, you’re better placed to aid non-privacy professionals in understanding why the privacy issue you’re communicating is important.
Quick tips for communicating about privacy issues clearly and effectively:
Tailor Your Messages
Don’t assume you can use the same language speaking with your organisation’s board as you can speaking to its customers. You should tailor your messages and language to the individuals who need to absorb it.
Time Your Communications
The timing of your privacy-related communications matter. If those seeing it are distracted, tired, or stressed, they’re less likely to absorb the information – or even watch or read it in its entirety.
To overcome this barrier, you should time your communications so that your audience are focused and alert. There’s no one-size-fits-all method for effectively timing your communications – and the ‘best timing’ will depend on your goals, operations, and team. But it’s worthwhile considering where and when the message will be most effective.
Make It Relevant
The information and key messaging you provide to your board and senior managers will be different to what you convey to the administrative employees who handle your mail. It’s essential that you target your communications so that they discuss relevant issues that affect the individual receiving them.
Ideally, you would find relevant examples that are also interesting. Pointing out to your administrative staff that sending emails to the incorrect recipients isn’t just a mistake, but may be a privacy breach, can help the information seem more important. Explaining that Canada’s federal government recently sent sensitive emails with updated work permits to the incorrect recipients, however, can really help the message resonate.
Checklist for Creating Privacy Communications
Please feel free to use this checklist for any privacy communications your organisation plans to send out:
Identify the target audience and understand their level of privacy knowledge.
Assess and document the risks they must know about.
List any privacy-related jargon that must be used to discuss the risks.
Document language that can be used to discuss those risks with your target audience.
Determine how you are going to communicate the risks to that audience (In a written document? Real-time verbal communications? Pre-recorded verbal communications?)
Create materials that complement your chosen communication method (slides, handouts, blog posts, wikis).
Develop a timeline for the distribution of these materials.
Define success metrics.
Allocate accountabilities and resources.
Map your communication activities channels and the associated success metrics.
Confirm your target audience’s comprehension through focus groups and/or surveys.
Effective Privacy Messaging with Privacy 108
If you’re looking to supply relevant and timely training at any level within your organisation, reach out. Our privacy team would love to help.