0:00:09.792,0:00:14.327 As Deloitte Global professionals, we regularly work with personal information
0:00:14.327,0:00:15.967 or personal data.
0:00:15.967,0:00:19.437 Personal information may include a wide range of data,
0:00:19.437,0:00:23.318 such as a professional’s name along with their personnel number,
0:00:23.318,0:00:24.528 home address,
0:00:24.528,0:00:25.498 photograph,
0:00:25.498,0:00:26.898 location information,
0:00:26.898,0:00:27.908 date of birth,
0:00:27.908,0:00:29.778 or government identifier
0:00:29.778,0:00:33.391 – all essential information that we need to do our jobs.
0:00:33.391,0:00:36.041 But we’re also surrounded by risks…
0:00:36.041,0:00:39.261 Misuse and unauthorized handling of personal information
0:00:39.261,0:00:41.351 can cause considerable risk
0:00:41.351,0:00:46.421 and damage for the individuals impacted, for Deloitte and for Deloitte clients.
0:00:46.904,0:00:51.604 And as if these risks weren’t enough, the consequences for unauthorized disclosure
0:00:51.604,0:00:54.214 are also becoming more severe.
0:00:54.214,0:00:57.784 Privacy laws throughout the world are becoming much more stringent
0:00:57.784,0:01:02.604 and expectations for the proper handling of personal information are increasing.
0:01:02.604,0:01:08.298 Deloitte Touche Tohmatsu Limited – DTTL –, and its global network of member firms,
0:01:08.298,0:01:12.778 must comply with these laws and ensure that the collection and use
0:01:12.778,0:01:17.818 of personal information for business purposes adheres to these requirements.
0:01:17.818,0:01:24.978 DTTL and/or one or more of its member firms could become liable for significant damages,
0:01:24.978,0:01:29.558 fines and expenses for failing to properly handle personal information,
0:01:29.558,0:01:33.558 and in some cases may need to notify affected individuals
0:01:33.558,0:01:36.718 or governmental authorities of a privacy incident.
0:01:36.718,0:01:40.811 In addition, the Deloitte brand and reputation may be damaged.
0:01:40.811,0:01:44.471 It’s more important than ever to take proper precautions.
0:01:45.322,0:01:48.622 There are many new and seemingly helpful applications
0:01:48.622,0:01:53.879 such as survey and collaboration tools available for laptops and mobile devices.
0:01:53.879,0:01:58.153 However, Deloitte people should be aware that not all of these applications
0:01:58.153,0:02:03.743 have been reviewed and approved by DTTL or its global network of member firms.
0:02:03.743,0:02:07.293 In addition, disclosures of personal information to unauthorized
0:02:07.293,0:02:10.853 third parties could violate country privacy laws.
0:02:10.853,0:02:16.031 For these reasons, Deloitte people should only use Deloitte approved applications.
0:02:16.031,0:02:21.961 In some cases, Deloitte has restricted use of such applications on Deloitte devices.
0:02:22.816,0:02:26.266 For additional guidance on approved collaboration tools,
0:02:26.266,0:02:28.726 contact your regional privacy leader.
0:02:30.854,0:02:34.854 That’s right - we need to protect personal information!
0:02:34.854,0:02:37.334 This is how you can save the day!
0:02:40.057,0:02:44.765 Only collect personal information that is adequate, relevant and limited
0:02:44.765,0:02:47.195 to your specified purpose of processing.
0:02:47.195,0:02:52.095 Do not collect or store personal information in a system or display personal information
0:02:52.095,0:02:57.400 on screens or reports unless necessary and relevant for the business need.
0:02:57.700,0:03:02.232 If needed for the business objectives, restrict access to personal information
0:03:02.232,0:03:06.192 only to those with a solid business case – less is better!
0:03:06.192,0:03:09.912 Personal information should only be retained as long as there is a legal
0:03:09.912,0:03:11.698 or business requirement.
0:03:12.788,0:03:17.412 Dispose of hard copy and electronic personal information securely
0:03:17.412,0:03:22.192 – for example, use a cross-cut shredder or confidential waste bins,
0:03:22.192,0:03:25.672 permanently delete electronic files from your recycle bin,
0:03:25.672,0:03:31.935 and return portable storage devices to your information security team for safe disposal.
0:03:31.935,0:03:36.534 Lastly, particular care should be taken in handling personal information
0:03:36.534,0:03:41.073 as unauthorized disclosure can result in a serious breach of privacy laws
0:03:41.073,0:03:43.073 in many jurisdictions.
0:03:43.073,0:03:48.804 If you discover potential unauthorized access to or disclosure of personal information,
0:03:48.804,0:03:54.812 report it immediately to the appropriate contacts as defined by your Member Firm or,
0:03:54.812,0:03:57.752 for full-time Deloitte Global professionals,
0:03:57.752,0:04:03.082 contact DTTL Confidentiality and Privacy Incident Response at
0:04:03.082,0:04:09.437 DTTLConfidentialityandPrivacyIncidentResponse@deloitte.com
0:04:09.437,0:04:11.727 Notify your immediate leader next.
0:04:11.727,0:04:15.727 Even a few hours' delay can make a big difference in terms of compliance
0:04:15.727,0:04:20.170 with legal and other obligations and protecting the Deloitte brand.
0:04:20.170,0:04:23.130 But the most important thing… is staying vigilant!
0:04:23.130,0:04:26.600 Spread the word within your team and work with leadership
0:04:26.600,0:04:30.110 to determine the best methods for protecting personal information.
0:04:30.110,0:04:33.130 This way, we keep personal information safe…
0:04:33.130,0:04:37.492 and protect and preserve the Deloitte brand and reputation.
0:04:37.492,0:04:39.282 Want to know what else you can do?
0:04:39.282,0:04:41.512 Reach out to your regional privacy leader
0:04:41.512,0:04:45.933 for additional information and resources on privacy and data protection.
0:04:45.933,0:04:48.033 For Deloitte Global professionals,
0:04:48.033,0:04:53.129 search for DTTL Privacy and Data Protection on Deloitte Unity
0:04:53.129,0:04:57.309 for additional information and guidance on privacy and data protection.