January 28 has traditionally been Data Privacy Day but this year, the National Cybersecurity Alliance (NCSA) has expanded this initiative into Data Privacy Week!
Data Privacy Week – taking place from January 24 to January 28 – is an annual campaign that generates awareness about the importance of data privacy, highlights easy ways to protect personal information, and reminds organizations that respecting & protecting privacy is good for business.
In our interconnected world, it’s no secret that data security is a critical component of an organization’s reputation. In fact, according to a survey conducted by McKinsey, 87% of consumers would not do business with a company if they had concerns about its security practices.
Did you know that 60% of small-and-medium-sized businesses shut down within 6 months after falling victim to a data breach?
Simply put, a data breach can destroy a business. People quickly fall out of trust with an organization that suffers a data breach and take their business elsewhere. Damage control after the breach can take months, if not years, and cost an organization millions of dollars in lost revenue.
As a registered Data Privacy Champion, Digital Industry is committed to helping people learn how to manage and protect their valuable online data. During this week-long initiative, we will be sharing information on how to up your privacy game and better protect your personal and corporate data.
To kick things off, below is a list of tips you can follow to improve your organization’s data privacy practices and better protect your information at home.
Privacy Tips For Businesses
- Conduct an assessment: Conduct an assessment of your data collection practices. Whether you operate locally, nationally, or globally, understand which privacy laws and regulations apply to your business. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access and make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.
- Maintain oversight: Don’t forget to maintain oversight of partners and vendors. If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information. And as last year’s slew of supply chain attacks have shown, third-party breaches can be just as hard-hitting as if your company was attacked directly.
- Adopt a privacy framework: Researching and adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business. Get started by checking out the following frameworks: NIST Privacy Framework, AICPA Privacy Management Framework, ISO/IEC 27701 – International Standard for Privacy Information Management
- Educate employees: Create a culture of privacy in your organization by educating your employees of their and your organization’s obligations to protecting personal information. Educate employees on your company’s privacy policy and teach new employees about their role in your privacy culture during the onboarding process. Engage staff by asking them to consider how privacy and data security applies to the work they do on a daily basis. Better security and privacy behaviors at home will translate to better security and privacy practices at work. Teach employees how to update their privacy and security settings on work and personal accounts.
Privacy Tips For Individuals
- Understand the privacy/convenience tradeoff: Many accounts ask for access to personal information, such as your geographic location, contacts list, and photo album, before you even use their services. This personal information has tremendous value to businesses and allows some to even offer you their services at little to no cost. Make informed decisions about whether or not to share your data with certain businesses by considering the amount of personal information they are asking for, and weighing it against the benefits you may receive in return. Be thoughtful about who gets that information and wary of apps or services that require access to information that is not required or relevant for the services they are offering. Delete unused apps on your internet-connected devices and keep others secure by performing updates.
- Manage your privacy: Once you have decided to use an app or set up a new account, check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information.
- Protect your data: Data privacy and data security go hand in hand. Keep your data secure by creating long, unique passwords and storing them in a password manager. Add another layer of security by enabling multi-factor authentication (MFA) wherever possible, especially on accounts with sensitive information. MFA has been found to block 99.9% of automated attacks when enabled and can ensure your data is protected, even in the event of a data breach.
