by American Business Women's Association | Jul 17, 2019 | Uncategorized
Have you ever said something at work you wish you hadn’t? Sometimes the wrong words just blurt out to employees or with the client. The first step in fixing common communication blunders on the job is to know what those blunders are. Then you can say something the smart way and not the dumb way. Verbal communication expert, Greg Alcorn, CEO of Global Contact Services (GCS) of Salisbury, NC, is the author of 7 Dumb Things We All Say and speaks to thousands of people each year on improving verbal communication at work.
BELOW, GREG HAS LISTED THE SEVEN BIGGEST BLUNDERS YOU MAY NOT HAVE USED, BUT HAVE DEFINITELY COME ACROSS!
ONE: Using Bad Bookends. The biggest blunder is starting and ending what you say with the wrong phrasing. Conversation bookends are the small comments or questions just before or right after a full statement or request for action. Be better with your starting and ending bookends. Pre-sentence bookends as a tool can be engaging, demeaning, or distracting. Names are great bookends. Starting a sentence with the name of the person you are talking to warms that person up. “Mary, may I put you on hold?” Saying your name last in your introduction makes it easy for the person you are talking with remember your name. “This is the help line; my name is Jack.”
TWO: Starting with Wrong First Words. Are you familiar with the adage, “Getting off on the wrong foot”? Conversations have first impressions, and they begin with your first three words. Hint: one of the words should be the other person’s name. Using names is important when speaking on the phone, especially conference calls. Conference call principle number one is if you’re going to call on somebody, start with the name. Instead of saying, “What were the metrics on our operations yesterday, Frank?” ask the right way: “Frank, what were the metrics on our operation yesterday?” If you don’t start with the name, you might catch the person by surprise. It certainly catches people’s attention when you say their name first.
THREE: Not Choosing Your Words Well. The words you choose paint a picture for the listener. Your words express your attitude and your personality. Keep it positive. Don’t start a sentence with the word “no.” Even in introductions, you can’t go wrong with saying the person’s name first. A person’s name followed by the four words “I need your help” is a winner. “Rachel, I need your help.” This is especially powerful when it’s in a situation in which you might be the boss and the other person might be a manager, or you might be in a perceived superior position.
FOUR: Poor Questions and Bad Listening. Meaningful questions always stay on subject, keep a conversation moving forward, and ensure the other person feels heard and understood. Becoming a better listener is easier than you might think. It starts by committing to be a great listener and making an active choice to listen. Ask good questions and really listen. This is the “You have two ears and one mouth” principle.
FIVE: Focus-on-Me Attitude. Making it all about you is a turn off for them. This is not a technique; this is an attitude. The best way to describe a benefit is to describe the feeling received. “I came by as soon as I heard you lost the sale; I’m sad.” The fellow employee can recognize the extra effort and surely appreciates the sentiment. It’s a powerful sentence. A special visit, a sense of urgency, and a sincere feeling (sad). Empathy shows feelings.
SIX: Wrong Tone. People feel more comfortable with pleasant, variable tone quality. Voice tone is made up of rate, pitch, and volume. Think tone and don’t drone. The tone of our voice helps others to hear our empathy. The rate, pitch, and volume of our statements of empathy helps express feelings. Usually, but not always, we hear implied empathy when somebody slows down speech and lowers the pitch and volume. Say, “I am sad to hear that you lost the supermarket account,” and I’ll bet you will automatically say it slow and low. The same with excitement at the opposite end of the spectrum. Say “Team, we won the hotel account!” You can’t help but say it fast, high, and loud. Tone expresses empathy.
SEVEN: Not Diffusing Difficult Drama. Stressful conversations, or drama, can be avoided by mastering word selection, listening, and questioning skills. Drama can be inevitable, however. Most stressful situations can be defused when you apply the three Rs: recognize, restate, and reassure. Ask others: “What would you like to see happen?” Those are seven magic words that can defuse difficult drama: Words are just a tool, like electricity is a tool. And like any tool, they can be used for helping or for harming. Electricity can cook a person’s dinner, or it can burn a person’s dinner. Words can turn people on or turn people off.
Here is the bottom line: Nobody wants to say dumb things. But we all do. The first step towards reducing the number of dumb things you say is to know what the dumb things are. Then don’t say that, say something smarter.
by Rene Street | May 27, 2019 | Uncategorized
Author, KRISTINA PODNAR is a digital policy innovator. For over two decades, she has worked with some of the most high-profile companies in the world and has helped them see policies as opportunities to free the organization from uncertainty, risk, and internal chaos. Podnar’s approach brings in marketing, human resources, IT, legal, compliance, security, and procurement to create digital policies and practices that comply with regulations, unlock opportunity, strengthen the brand and liberate employees.
Just as we have gotten used to the idea that the EU’s General Data Protection Regulation (GDPR) is a fact of life and have made modifications in our data collection procedures, the Brazil General Data Protection Law (LGDP), the California Consumer Privacy Act (CCPA), and waves of proposed new data privacy laws are swirling in the calm forewarning of a privacy tsunami heading our way. In the middle of such deep acronym swirls, it could be easy to be overwhelmed. However, all the privacy regulations share a number of commonalities and by addressing these now, you will be on high ground as the waves begin to pound.
The compliance life raft
While you will need to pay attention to the details of individual data regulations as they arise, whether already adopted, pending adoption, or only proposed, all the regulations share certain commonalities that you should consider addressing as part of ongoing operations.
Accountability and governance
At the heart of data privacy requirements is the aim to have organizations develop a plan to self-manage data in a way that respects end users. To address accountability and governance requirements in your organization, consider, have you:
- Reviewed the applicability and risk to the organization from data privacy issues, and considered alternatives, including insurance, in case you are fined?
- Mandated that data privacy become part of the policy program, including staff training, measurement, and compliance reporting?
- Clearly documented roles, responsibilities, and reporting lines to embed privacy compliance
Consent and processing
A fundamental privacy regulation concept is that end users are aware when and why their data is collected, and what happens to it once it’s given. To address these requirements, ask yourself whether you have:
- Reviewed that the data being collected and used is necessary and for the benefit of completing a desired action by the user?
- Identified sensitive data and ensured it is treated as such through the use of special encryption or by validating vendor storage practices for sensitive data, etc.?
- Confirmed that user consent for data collection is clearly captured and documented, and that user data can be modified or erased?
Notifications and data rights
Gone are the days of legalese or simply taking data from users because we can. Data privacy regulations require transparency, user awareness, and forthright behavior by businesses. To ensure you get this right, ask yourself whether the organization has:
- Written user notices clearly so they can be easily understood—properly targeted to children where relevant—and are reflective of specific data collection and usage purposes?
- Updated the internal organization’s data privacy policy to clearly state the rights of prospects and customers regarding the collection and processing of their personal data?
- Created and tested processes to correct and delete all user data if needed?
- Developed a solution to give users their data in a portable electronic format?
Privacy design
Organizations that treat privacy as a core design principle will always be in alignment with data privacy regulations. In my consulting experience, I see many self-disciplined organizations that have historically had good privacy practices and have little to address with each new law. To get to that state, ask whether you have:
- Created or updated the policy and associated process to embed privacy into all technology and digital projects, including those outsourced to vendors and partners?
Data breach notification
For many organizations, the question nowadays isn’t whether the organization will have a breach, but rather when will it happen and how will they respond. To address regulatory breach aspects, ask whether the organization has:
- Created (or reviewed and updated an existing) data breach policy and response plan to reflect detection, notification, and the actions to mitigate loss?
- Considered and obtained insurance for a possible data breach and regulatory penalties that the organization may face but not be able to handle on its own?
- Incorporated data breach terms and requirements into all vendor and third-party contracts?
Data localization
New data privacy regulations state where data physically must be stored, and if transferred to another country, what are the requirements for doing so. Your organization will be well positioned to meet this requirement if it can answer:
- Have we identified and updated all cross-border data flows from the country where the data is collected, and reviewed data export for on-premise and cloud solutions?
Children’s online privacy considerations
Data privacy regulations are concerned with end users, but are even more strict about children and their online data protection and rights. It is best to get ahead of these issues by asking whether the organization has:
- Defined what data it collects from children, whether as a business practice or through efforts like “take your child to work day”?
- Are user notifications and online privacy statements written in a way that a child could understand them, and do they state that parental consent is required?
Contracting and procurement
Most businesses may struggle to understand exactly what personal user data is collected via websites, mobile applications, and other digital platforms, especially through third-party software solutions and vendors. To make sure that your organization isn’t caught out, ask whether you have:
- Reviewed and ensured that all vendors, customers, and third-party agreements reflect data regulatory requirements?
- Defined procurement processes such that privacy is integrated into all products and services the organization buys, including regarding data minimization, the visibility of onward data flows, and data ownership?
by Rene Street | May 27, 2019 | Uncategorized
Author, KRISTINA PODNAR is a digital policy innovator. For over two decades, she has worked with some of the most high-profile companies in the world and has helped them see policies as opportunities to free the organization from uncertainty, risk, and internal chaos. Podnar’s approach brings in marketing, human resources, IT, legal, compliance, security, and procurement to create digital policies and practices that comply with regulations, unlock opportunity, strengthen the brand and liberate employees.
Just as we have gotten used to the idea that the EU’s General Data Protection Regulation (GDPR) is a fact of life and have made modifications in our data collection procedures, the Brazil General Data Protection Law (LGDP), the California Consumer Privacy Act (CCPA), and waves of proposed new data privacy laws are swirling in the calm forewarning of a privacy tsunami heading our way. In the middle of such deep acronym swirls, it could be easy to be overwhelmed. However, all the privacy regulations share a number of commonalities and by addressing these now, you will be on high ground as the waves begin to pound.
The compliance life raft
While you will need to pay attention to the details of individual data regulations as they arise, whether already adopted, pending adoption, or only proposed, all the regulations share certain commonalities that you should consider addressing as part of ongoing operations.
Accountability and governance
At the heart of data privacy requirements is the aim to have organizations develop a plan to self-manage data in a way that respects end users. To address accountability and governance requirements in your organization, consider, have you:
- Reviewed the applicability and risk to the organization from data privacy issues, and considered alternatives, including insurance, in case you are fined?
- Mandated that data privacy become part of the policy program, including staff training, measurement, and compliance reporting?
- Clearly documented roles, responsibilities, and reporting lines to embed privacy compliance
Consent and processing
A fundamental privacy regulation concept is that end users are aware when and why their data is collected, and what happens to it once it’s given. To address these requirements, ask yourself whether you have:
- Reviewed that the data being collected and used is necessary and for the benefit of completing a desired action by the user?
- Identified sensitive data and ensured it is treated as such through the use of special encryption or by validating vendor storage practices for sensitive data, etc.?
- Confirmed that user consent for data collection is clearly captured and documented, and that user data can be modified or erased?
Notifications and data rights
Gone are the days of legalese or simply taking data from users because we can. Data privacy regulations require transparency, user awareness, and forthright behavior by businesses. To ensure you get this right, ask yourself whether the organization has:
- Written user notices clearly so they can be easily understood—properly targeted to children where relevant—and are reflective of specific data collection and usage purposes?
- Updated the internal organization’s data privacy policy to clearly state the rights of prospects and customers regarding the collection and processing of their personal data?
- Created and tested processes to correct and delete all user data if needed?
- Developed a solution to give users their data in a portable electronic format?
Privacy design
Organizations that treat privacy as a core design principle will always be in alignment with data privacy regulations. In my consulting experience, I see many self-disciplined organizations that have historically had good privacy practices and have little to address with each new law. To get to that state, ask whether you have:
- Created or updated the policy and associated process to embed privacy into all technology and digital projects, including those outsourced to vendors and partners?
Data breach notification
For many organizations, the question nowadays isn’t whether the organization will have a breach, but rather when will it happen and how will they respond. To address regulatory breach aspects, ask whether the organization has:
- Created (or reviewed and updated an existing) data breach policy and response plan to reflect detection, notification, and the actions to mitigate loss?
- Considered and obtained insurance for a possible data breach and regulatory penalties that the organization may face but not be able to handle on its own?
- Incorporated data breach terms and requirements into all vendor and third-party contracts?
Data localization
New data privacy regulations state where data physically must be stored, and if transferred to another country, what are the requirements for doing so. Your organization will be well positioned to meet this requirement if it can answer:
- Have we identified and updated all cross-border data flows from the country where the data is collected, and reviewed data export for on-premise and cloud solutions?
Children’s online privacy considerations
Data privacy regulations are concerned with end users, but are even more strict about children and their online data protection and rights. It is best to get ahead of these issues by asking whether the organization has:
- Defined what data it collects from children, whether as a business practice or through efforts like “take your child to work day”?
- Are user notifications and online privacy statements written in a way that a child could understand them, and do they state that parental consent is required?
Contracting and procurement
Most businesses may struggle to understand exactly what personal user data is collected via websites, mobile applications, and other digital platforms, especially through third-party software solutions and vendors. To make sure that your organization isn’t caught out, ask whether you have:
- Reviewed and ensured that all vendors, customers, and third-party agreements reflect data regulatory requirements?
- Defined procurement processes such that privacy is integrated into all products and services the organization buys, including regarding data minimization, the visibility of onward data flows, and data ownership?