Jan 22-28 is Data Privacy Week. Data Privacy Week is an annual campaign to spread awareness about data privacy and educate individuals on how to secure their personal information.
Respecting the privacy of your customers, staff, and all other stakeholders is critical for inspiring trust and enhancing reputation. According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. By being open about how you use data and respecting privacy, you can stand out from your competition.
Be transparent about how you collect, use, and share consumers’ personal information. Think about how the consumer may expect their data to be used. Design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization, as well as the steps you take to achieve and maintain privacy.
Here are a few steps toward building a culture of respecting data at your organization:
- CONDUCT AN ASSESSMENT
Assess your data collection practices. Understand which privacy laws apply to your business, and remember you will have to think about local, national, and global regulations.
- Generate and follow security measures to keep individuals’ personal information safe from unauthorized access
- Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes
- Don’t forget to maintain oversight of partners and vendors as well -- if another organization provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information
- ADOPT A PRIVACY FRAMEWORK
Research how a privacy framework can work for you. A privacy framework can help you manage risk and create a culture of privacy in your organization. It is a way to build privacy into your organization's foundation. Get started by checking out the following frameworks:
- NIST Privacy Framework
- AICPA Privacy Management Framework
- ISO/IEC 27701 - International Standard for Privacy Information Management
-
EDUCATE EMPLOYEES
Your employees are the frontlines toward protecting all the data your organization collects. Create a culture of privacy in your organization by educating your employees of their and your organization’s obligations to protecting personal information:
- Create a privacy policy for your company and ensure your employees know it
- Teach new employees about their role in your privacy culture during the onboarding process.
- Engage staff by asking them to consider how privacy and data security applies to the work they do on a daily basis. Better security and privacy behaviors at home will translate to better security and privacy practices at work.
- Remind employees to update their privacy and security settings on work and personal accounts. Learn more.
Data Privacy Tips for Individuals
Sources: National Cybersecurity Alliance (NCA), staysafeonline.org