Stay protected: Data Privacy Week 2022

Data Privacy Week originated in the United States and Canada in 2008 to commemorate the signing of Convention 108. This was the first legally binding international treaty in data protection. The focus of Data Privacy Week is to spread awareness around online privacy and educate people about how to keep their data secure. Throughout the week, the National Cybersecurity Alliance (NCA) encourages organizations to be more transparent about how they collect and use customer data.

What is data privacy?

Data privacy refers to best practices in which to collect and manage data based on its sensitivity and importance. But what is considered sensitive data? Common examples include financial information, medical records, ID numbers, and contact information.

Transparency for your organization

Start by auditing your organization’s data privacy policies. Acknowledge how you acquire consumer data and respect your consumer’s privacy by being clear about how you plan to collect and use data. This will set up your business and brand for success in the long run.

A recent study from Pew Research Center found that 79% of Americans are concerned about how their data is being used by companies. They do not have confidence that companies will take responsibility if their personal information gets compromised. Maintaining transparency about how you collect, use, and share consumers’ personal data is an effective strategy for building trust with your customer base and enhancing your brand reputation.

Ways you can be transparent:

• Include a brief disclaimer at the top of contact forms that explains how and why the collected information will be used.

• Conduct an audit of how you are currently collecting data.

• Adopt a privacy framework to help manage risk and create a culture of data integrity within your organization.

• Establish monitoring activities and integrations across internal teams.

• Include opt-in and unsubscribe options.

• Avoid asking for information you don’t need.

Tips to share with your team

The ever-changing regulatory environment and growing need for data security can make it challenging for leaders to manage their teams’ data privacy.

Here’s what you can do to keep your teams’ data private and maintain a security-first environment :

1. Change passwords frequently, every 60-90 days is recommended.

2. Implement a password management tool like LastPass, Dashlane, or LogMeIn.

3. Consider using “do not track” browser plug-ins.

4. Enable two-factor authentication (2fa) for high-value accounts.

5. Become familiar with common phishing attempts to help your team recognize and avoid phishing attacks.

6. Manage data access to limit the possibility of unintended exposure.

Data Privacy Laws

Data privacy is enforced by a variety of legal regulations in the United States. Although the United States does not have a singular federal law that covers all types of data, there are multiple laws designed to target specific data types used in special circumstances. Notable laws include HIPAA, GDPR, CCPA, and others. Non-compliance can lead to fines and/or loss of brand authority. Be sure your organization understands and is educated on data privacy.

To keep up with advancing technology, experts are predicting significant changes and additions to privacy laws in 2022. To learn more, read The Year Ahead: Privacy Developments in 2022.