2021 Environmental Social Governance (ESG) Report
Data Privacy and Security (418-1)
We have a focused Information Security and Risk Management team dedicated to risk management, compliance and awareness training, client and data security, technical security, and data privacy. Our global and regional risk committees are responsible for the governance of risk, internal audit, control, and compliance, and our security compliance committee is responsible for the governance of our security programs. We use a set of security policies and standards to protect the information of both the company and our clients. > Information Security Policy - defines the principal requirements of our Information Security Program > Appropriate Use Policy - defines how technology and information should be used > Security Standards - defines the minimum security requirements for each geography > Global Workplace Privacy Policy – describes the ways we handle and protect the personal information of our staff members
Data privacy remains a key focus at Cushman & Wakefield due to the rapidly changing regulatory landscape and heightened consumer expectations. In 2021, we continued enhancing our risk-based approach in protecting the personal information we hold on behalf of our firm, third parties and employees. We believe that requirements concerning data protection and privacy are not costs of doing business, but priority business enablers. Our practices are founded on the principles of confidentiality, integrity and availability, and we are committed to maintaining data protection and security practices that are consistent with market, legal and contractual requirements across the various markets we serve. We actively manage our Global Privacy Program, adapting to emerging or changing privacy laws across the globe, including the Chinese Personal Information Protection Law (PIPL) and the changes to EU International Data Transfer guidelines.
CUSHMAN & WAKEFIELD 2021 ESG REPORT | 91
Made with FlippingBook Online newsletter creator