Data Protection: A Practical Guide to Managing Your Risks

Protecting valuable information assets, including personal data about employees, students, customers, and medical patients, is an enterprisewide responsibility. Like all components of good corporate governance, it begins with senior leadership establishing a culture of awareness about the importance of safeguarding these assets and extends through coordinated actions among all business units, divisions, and departments. When creating data privacy programs, organizations should align them with their strategic enterprise risk objectives and follow a top-down approach to achieve the greatest benefit.