privacy isn’t what you get

Employee privacy is a joke. A terrible one at that. If you ever got to spend time in large corporations, specifically the departments where they set up large HR (integration) systems, it won’t be long before you realize how careless data is being thrown around, on test, development, and production environments.

Interestingly, GDPR brought about law and order in the wild west of privacy-sensitive employee data, but arguably, not nearly enough. Moreover, employees are almost never aware of how their data is being mistreated, but for how long? As consumers become — rightfully so — more demanding with regard to sustainability, employees will follow suit, becoming more vigilant about their data. Gartner dubbing “tackle employee data privacy” as the seventh future of work trend for 2023 might speed things up.

The only way for companies to truly create added value for their employees in their human resources ecosystem is by treating their privacy with the utmost respect and never compromising it.

if it isn’t broken, break it

There is a potential need to deconstruct “something” within your organization to comply with some standards. It could be a manual – or automatic procedure, soft- or hardware, privacy-sensitive data, the actual organization itself… The list goes on.

The “if it isn’t broken, don’t fix it” adage doesn’t always apply. Before extending certain certifications, the issuer wants the requester to deliberately break stuff or even fake malicious attacks.

If it isn’t broken yet, at least think about what it would require to break it, how it can be avoided, and how it can be resolved.