A manager makes an unannounced visit to the marketing department and performs a walkthrough of the office. The manager observes unclaimed documents on printers. A closer look at these documents reveals employee names, addresses, ages, birth dates, marital/dependent statuses, and favorite ice cream flavors. The manager brings this to the attention of the marketing department head. The manager believes this information to be PII, but the marketing head does not agree.
Having reached a stalemate, which of the following is the MOST appropriate action to take NEXT?
A . Elevate to the Chief Executive Officer (CEO) for redress; change from the top down usually succeeds.
B . Find the privacy officer in the organization and let the officer act as the arbiter.
C . Notify employees whose names are on these files that their personal information is being compromised.
D . To maintain a working relationship with marketing, quietly record the incident in the risk register.
Answer: B
Leave a Reply