The Health Insurance Portability and Accountability Act requires it. The Payment Card Industry Data Security Standardrequires it. The ISO 27001 standard requires it. In fact, every regulation that mandates that reasonable measures be taken to protect information implicitly requires companies to set up training programs to help employees understand what those measures are.
See the original post here:
The Top 5 Mistakes of Privacy Awareness Programs (CIO)
