Data privacy is a two-way street.
First, you have responsibility to protect your own data. You get to decide what data you will share, who gets it, and when. Your name, birthday, address, social security number, financial data, and medical records fall into this category, and every time you give this information out, take precautions.
You get a new doctor. You get a new privacy form. You fill it out and you usually sign off on their policy, which states how they are going to protect you. Have you taken the time to read what it says?
Or, you want to buy something new and engage with a vendor online. They look like a mom-and-pop shop down the street. But once you fill out that online form, you have agreed to share personal data with whomever is on the other end of that connection. And, if you’re not careful you may have inadvertently allowed them to share or resell your information to other third parties. This is common because your private information is very valuable, and even when an online company is going out of business, they may sell your information to other firms.
Let’s face it. Ninety-nine percent of us don’t read the fine print on privacy agreements. It’s become a formality that we’ve shrugged off as a checked box. We rush to the bottom of the form so we can complete a transaction. Again, beware. Know with whom you are sharing information.
The second owner in data privacy is every organization for which you want to share this information. This is your doctor, your lawyer, your credit card company, your life insurance agency, your bank, your school, your government, and any retail company.
Organizations that hold sensitive data are stewards of confidentiality and anonymity for people they serve. These organizations have a responsibility to you to handle your personal data carefully and securely.
If there is a failure in protecting personal data, the damage can be far reaching. There are internal problems to fix, however, overarching governing bodies make it their business to ensure violations that occur come with penalties. State, federal, and international laws relating to privacy include: HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), and the CCPA (California Consumer Privacy Act). These are three of the most common regulations, however more states are beginning to form their own laws pertaining to privacy.
Here are a few important data privacy reminders for consumers and businesses.
If you are a consumer, raise your own awareness by following these recommendations:
- Consider your personal information like money. It is an asset you need to protect.
- Make your passwords long and strong. 16 characters is recommended.
- Tweak your privacy settings. Review them and reign them in where you can sleep at night without sacrificing online freedom.
- Redefine your comfortability on social media. Be careful what you share and with whom.
- Disable WiFi or Bluetooth when not in use.
- Avoid using public wireless networks or hotspots.
- Keep your applications up to date. If you are not using them, get rid of them. Your home screen will be a little more manageable.
If you are a business owner, or manage an organization that collects personal information, here are your reminders relating to data privacy:
- If you collect it, protect it. Data security in itself is a beast, which means every entry point into your network must be secure.
- Know where you are storing it, and how to access it.
- Know the laws that govern what you collect. As we stated earlier, there are many new pieces of legislation that will impact everything about this critical subject.
You know, everything we talked about here isn’t new. It’s a lot of common sense. Having a day (like Data Privacy Day!) to remind us of these precautions is a good thing.
The next step is to align yourself and your organization with the right technology to help you achieve better data privacy. And, that just so happens to be what we do for our clients.
Contact Arctic IT today if you’d like to get a better handle on your data privacy and security.
By Phillip Jackson, Chief Information Officer at Arctic IT