October 2005 
Volume 04, Issue 6 
New and Notable
 
What's yours is yours

What Boeing's doing—and what you can do—to keep personal data safe and protected

BY KATHERINE OBMASCIK

Notice signPrivacy: Some people crave it more than others. But everyone wants data privacy, to make sure all personally identifiable information is safe and protected.

In recent months, several large corporations have made the news because of problems protecting personal information. These incidents show that data privacy involves not just technology but also other elements, including people, policy, education and awareness. They also demonstrate that Boeing employees, whether they're at work or in the outside world, need to take action to guard personal data.

Boeing's Human Resources Data Privacy Team, headed by Debra Overlin, has created enterprisewide policies and practices to ensure all employee data is handled correctly and securely.

Proactively protecting data

It's everyone's responsibility to protect personal information. Here are some ways that will help Boeing employees protect personal data.

With computers

  • Before stepping away from your computer, log off. Or, if you're at your own computer (instead of a shared computer) press the control, alt and delete keys simultaneously and then click the "lock computer" button.
  • When accessing personal information via TotalAccess, take care to protect the monitor from the view of others and close out and lock your computer before stepping away. 
  • Don't share your passwords or personal identification numbers (PINs).
  • Don't store personal information on your laptop. If you must do so, encrypt the files containing this information.
  • If you work with printouts that contain personal data, shred the printouts or place them in a Limited Destroy Bin when you're finished with them.

If you're asked
If someone asks you for personal data, find out exactly who they are and ask them why they need it and what it is to be used for. Tell them you will get back to them. Then check the procedures and policies on handling data or contact your manager to see if this is a legitimate request for this data. 

Be alert to scams. If someone contacts you by e-mail or phone and appears to have more information about you than you think they should, report it to Human Resources, Security or Data Privacy. Contact your manager immediately if you believe this may reflect either a potential data breach or an attempt to gain inappropriate access to personal data. Also, if you find personal data left in the open and unattended, immediately secure it and report this breach to management.

For the most part, the company can use personal data for legitimate business purposes, such as HR processes and other employment-related activities. Additional restrictions apply with personal data received from the European Union. 

The bottom line: If a request appears questionable, immediately report it to your management, HR office or Security. 

"Boeing is committed to continuously improving how we protect all of the personal information entrusted to us," said Rick Stephens, senior vice president, Human Resources and Administration. As an example, Stephens said the company is transitioning to BEMS (Boeing Electronic Messaging Service) identification numbers, rather than Social Security numbers, as a digital person identifier for database, application and other programming uses.

Boeing's role

In this day of instant access to information, data is easier to obtain, use and share. This can make people and programs more efficient—but also can be dangerous if the information falls into the wrong hands.

Accordingly, Boeing continues to take a proactive approach to protecting employee data. Boeing applies the same strict data-protection standards to its vendors and suppliers, such as its benefits providers, call-center support staff and other parties that perform work on Boeing's behalf.

In the past few years, Boeing has created a full-time dedicated Data Privacy team and launched an active and ongoing Human Resources privacy initiative. In addition, Boeing continues to be involved in key privacy-focused professional organizations such as the European Privacy Officers Network and the International Association of Privacy Professionals, through conferences organized by Privacy Laws and Business UK and Privacy and American Business.

"Through this industrywide involvement, Boeing is well-positioned to influence future privacy legislation and compliance approaches for large, multinational corporations," Overlin said.

Employees' role

Although Boeing is taking a proactive role in protecting data, employees share the responsibility to ensure personal information is safeguarded, Overlin said. Not only should employees observe basic safety precautions when using computers, but they should be judicious if they're asked for personal information (see box at right).

If an employee is unsure about how to handle data or a request for data, Overlin recommends he or she talk to someone who can determine if the request is appropriate and is based on a legitimate business need.

"The world is changing, and our world at Boeing is changing as we become more global and have employees located all over the world," Overlin said. "We are changing our privacy practices and policies to reflect this, and we need to be sure that employees are doing their part to protect information as well." 

katherine.h.obmascik@boeing.com

For more information

By phone: Contact the Data Privacy Hotline at (312) 544-2506.
By e-mail: Send questions to hrdataprivacy@boeing.com.
Related Policies & Procedures:
Check the Policy, Procedure and Process System site on the Boeing Web (http://policyplus.boeing.com (internal link only)) for these procedures.

  • PRO-98, "Employer - Employee Information Practices."
  • PRO-2227, "Control of Sensitive Company Information."

 
Front Page
Contact Us | Site Map| Site Terms | Privacy | Copyright
Copyright© Boeing. All rights reserved.