Skip to main content
Hafan

Information transfer

Contents

Protect personal information when you are transferring it and prevent it being inappropriately disclosed.

Options to consider: 

  • Implement information transfer policies and procedures for  transferring personal information electronically and manually. 
  • Communicate these policies and procedures to relevant staff. 
  • Include data transfer security requirements in contracts or transfer agreements with third parties. 
  • Complete a lessons learned exercise in the event of a personal data breach, update policies and procedures and provide further training, where required.

Protect incoming and outgoing communications using appropriate security measures. 

Options to consider: 

  • Use encryption to protect the content of emails and their attachments, especially if they contain sensitive personal information. 
  • Use spam filters and various malware detection techniques to protect against receiving malicious emails.
  • Automatically quarantine outgoing emails containing sensitive information.
  • Provide social engineering training to staff, covering the different types of techniques that can be used.
  • Conduct phishing tests on staff and feedback on the results.