The ICO exists to empower you through information.

Protect personal information when you are transferring it and prevent it being inappropriately disclosed.

Options to consider: 

  • Implement information transfer policies and procedures for transferring personal information electronically and manually.
  • Communicate these policies and procedures to relevant staff. 
  • Include data transfer security requirements in contracts or transfer agreements with third parties. 
  • Complete a lessons-learned exercise in the event of a personal data breach, then update policies and procedures and provide further training, where required.

 

Protect incoming and outgoing communications using appropriate security measures. 

Options to consider: 

  • Use encryption to protect the content of emails and their attachments, especially if they contain sensitive personal information. 
  • Use spam filters and various malware detection techniques to protect against receiving malicious emails.
  • Automatically quarantine outgoing emails containing sensitive information.
  • Provide social engineering training to staff, covering the different types of techniques that can be used.
  • Conduct phishing tests on staff and provide feedback on the results.