Skip to content
As an executive, you likely need to share a lot of information with your assistant for the relationship to be successful. This can include calendar visibility, email sharing, personal account passwords, credit card information, and financial documents.
As such, it’s essential to have security and privacy practices in place to keep your data is safe when working with a remote executive assistant. The same goes for working with a remote EA service, like Headroom, where you may interact with several different assistants for your subscription. In this case, you’ll want to make sure you’re choosing a company that prioritizes data security.
But no matter what kind of executive assistance service you choose, here are some steps to ensure safe information sharing, security, and privacy when working with your assistant (including many that we at Headroom have already implemented).
Global compliance: Explained
Before we hop in and explore the 6 ways you can keep your data secure, let’s take a quick look at how different regions view data security.
North America
In the United States, there isn’t one singular law or policy that covers all types of data. In contrast to Europe’s overarching GDPR law, US data is governed by a mixture of federal and state laws. According to the New York Times, unless a specific state has its own data protection law, there are no federal laws regulating companies. This means that businesses “can use, share, or sell any data they collect about you without notifying you that they’re doing so.”
At Headroom, we take a different approach and ensure that we’re complying with all and any stringent US regulations. Our strict privacy measures ensure we can work with publicly traded companies, giving our customers additional protection and peace of mind.
Europe and GDPR
GDPR stands for General Data Protection Regulation. It is a European Union law that came into effect in May 2018. Basically, GDPR states that any information an EU citizen gives to a business will be protected by the government. In addition, companies must disclose how they will process that information, why they’re collecting it and how they will use it.
How does this affect remote executive assistants and the people who hire them? Like any business operating with customers or employees in the EU, remote executive assistants must be GDPR-compliant. Anyone who fails to comply can face a fine of up to 20 million euros.
At Headroom, we’re proud to say we’re GDPR compliant, as outlined in our Privacy Statement. But you can also chat with us to find out how exactly we make sure we’re up-to-date with GDPR.
6 ways to keep your data secure when working with a remote executive assistant
So you’ve decided to work with an executive assistant, but you want to ensure you can safely share sensitive information with them.
For many reasons, data security is more important than ever in 2022. As evidenced by GDPR, laws and consumer protections are increasing, meaning businesses have more responsibility to keep information secure. But, as well, cyber-attacks remain an ever-present reality.
Growing startups and small businesses can’t risk a reputation-ruining data breach or afford the large fines involved with non-compliance. Plus, you’ll never earn back the time and money an EA can save you if you’re constantly dealing with data breaches.
Here are a few ways to ensure the safe sharing of information with an executive assistant, including the EAs at Headroom.
1. Have them sign an NDA
If you are hiring an assistant, either full-time or part-time, it’s important to have a nondisclosure agreement (NDA) in place. This will protect both you and the assistant from any confidential or sensitive information being shared.
As we do at Headroom, both parties should sign an NDA, assistant and executive. It should cover all data that the assistant will receive from third parties and you while working with you.
Make sure that the NDA is appropriate for your needs and the type of work your assistant will be doing. For example, if your assistant will be supporting you with personal tasks outside of company work, you may want to draft an additional NDA specifically for this purpose.
2. Use a password manager
Password managers like LastPass or 1Password are essential security measures, and they can also be extremely helpful for your assistant to access your accounts.
With a password manager, your assistant can easily and securely:
- Submit expense reports
- Review LinkedIn messages and invitations
- Book flights or hotels
- Respond to meeting invites, and more.
This saves you the hassle of sharing individual log-in information directly with your assistant, which could unsafely live on in your shared email or chat history.
Using a password manager means that only you and your assistant, who has signed an NDA, can view accounts containing sensitive data.
At Headroom, we use a secure sharing and storing password manager for passwords and other sensitive information. This way, your data is protected at all times.
3. Use two-factor authentication for important log-ins
Whenever you use a password manager, your Google account, or a similarly sensitive online account, you should enable two-factor authentication. This adds an extra layer of protection to an account, making it significantly harder for someone else to access your sensitive information.
When you set up two-factor authentication (2FA) for an account, you should receive an SMS message or a notification through another authentication app each time you try to log in.
Most password managers, including LastPass, include 2FA in their plans.
At Headroom, we use 2FA for logging into password managers and other accounts containing sensitive information.
4. Establish clear security protocols ahead of time
Before beginning any work with your EA, it is crucial to establish clear security protocols for the handling of sensitive information ahead of time. This way, everyone involved understands what measures they need to take to keep the data safe and can plan accordingly.
This may sound similar to having your EA sign an NDA, but it goes one step further. Your business likely has its own data security processes and policies — make sure your EA is familiar with them or has taken the same training the rest of your employees have.
5. Do a background check
In addition to careful screening during the interview process, all EAs at Headroom agree to background checks by a third party before we hire them. This ensures we are hiring only the most trusted, qualified, and professional candidates in the field.
Even if you don’t choose Headroom, we recommend you also run a background check before hiring an EA to ensure that data breaches are not a part of their job history.
6. Use an encrypted connection for communication
Headroom provides an encrypted, password-protected connection between their clients and their EAs. Nothing travels across the web unencrypted, and your communications are end-to-end encrypted. For example, you and your EA can share a password that only you two know.
This level of secure communication is not something that every executive assistant service can offer, but it definitely has its benefits, especially if your EA is helping you with business strategy. So keep it top of mind on your hunt for the right assistant.
Data security is important to your EA relationship
We hope by now we’ve convinced you how important data security is to the relationship between an EA and an executive. Even for more personal assistant-related tasks like scheduling family events, shopping, and booking haircuts, you want to make sure your emails, passwords, and other personal info are in safe hands.
Luckily, with services like Headroom, this kind of security doesn’t have to be complicated. If you want to fully implement a solution that works for you and your EA, talk to us about our data security policies today.
