Skip to : [Content] [Navigation]
 

MX

 
 
Email article link Print article

Originally Published MX November/December 2001

GOVERNMENTAL & LEGAL AFFAIRS

Six Steps to an Effective Privacy Program

Establishing a company privacy and security program can help a device manufacturer comply with newly enacted privacy laws throughout the world, but it also offers the potential for gaining a significant competitive advantage. An effective privacy program can help generate customer and patient trust, because customers will feel confident engaging in transactions involving personal information, and patients will be more willing to provide such information. Following are the key steps involved in developing and implementing a privacy program.

1. Create and Empower a Task Force. Organize a small, crossfunctional task force of high-level decision makers to oversee the program and its deployment team. Make sure the task force has the support of senior management.

2. Establish a Deployment Team. This team should be crossfunctional and should include at least one project manager.

3. Conduct an Assessment. Identify all areas within the company where personal information is used, and develop an understanding of information flows within and outside the company.

4. Develop an Implementation Plan. The plan should assign responsibilities, create timelines, and set milestones. It should include training materials, checklists, policies, and template documents.

5. Deploy the Plan. The program should be deployed to high-risk areas first.

6. Audit Implementation. Audit the effectiveness of the program, beginning with high-risk areas.

Copyright ©2001 MX