In honor of Data Privacy Day, the National Cyber Security Alliance recently hosted Twitter chat titled, “Respecting Consumer Privacy.” See below for responses that were tweeted live during the chat by Quanterion Solutions.
Question 1: A key message for businesses this #DataPrivacyDay is “Respect Privacy.” What are some basic things companies can do to enhance consumer privacy?
Answer (1 of 2): When you collect #consumerdata, make sure you have a need-to-know. #Dataprotection is much easier when you only collect what you need. Then, limit access to only the employees who need that info.
Answer (2 of 2): Don’t forget about proper data disposal. If you are removing #data, follow industry standards to securely destroy it.
Question 2: How can organizations communicate their #privacy practices to consumers and/or customers?
Answer (1 of 3): Be transparent about your data collection & protection. Don’t rely on your #privacypolicy; most customers won’t read it. Notify the customer & ask for permission every time #senstivedata is collected.
Answer (2 of 3): Notifications should state the reason for #collectingdata, where the #data will be stored, how it will be protected & any necessary disclaimers about the data use.
Answer (3 of 3): Don’t forget to include the #datacollection, #dataprotection & #data use info in your #privacypolicy! Although many customers won’t read it when signing up, it must be there to refer to if they have questions at any time.
Question 3: Employees are an integral part of a workplace’s privacy culture. How can businesses educate their employees about protecting customer data?
Answer (1 of 3): Assess your existing #privacy strategy. What’s working? What’s not? How can you improve? What types of #dataprivacy standards do your customers expect? Then, decide what training is needed to improve your #privacy strategy.
Answer (2 of 3): One of the most important things you can teach your employees is to only collect data when necessary & to protect all #personalinfo. Also, train them in appropriate #privacy standards for when info is collected.
Answer (3 of 3): View this tip sheet by @staysafeonline titled, “5 Ways to Help Employees Become Privacy Aware” staysafeonline.org/resource/5-ways-help-employees-privacy-aware
Question 4: With new privacy legislations going into effect, how can orgs understand which privacy laws and regulations apply to their business?
Answer: View qualifications for each new legislation such as company location, size, customer location & more. Determine if your company meets those qualifications. If you’re unsure, reach out to the point-of-contact for the regulation.
Question 5: What are some best practices for creating a privacy strategy for an organization?
Answer (1 of 2):
1. Analyze all existing #privacypolicies, standards & other #privacy communications in your org to consider in your privacy strategy.
2. Identify the types of info your org will be collecting.
Answer (2 of 2):
3. Decide which #privacylaws apply to your org.
4. Create employee policies & procedures.
5. Design a way to monitor & track #networkaccess.
6. Plan a response for a #securitybreach.
7. Create a plan for #securityaudits.
Question 6: What are the resources that organizations can leverage to create a privacy posture?
Answer: View these #privacy resources for organizations: quanterion.com/data-privacy-day-2021-resources and this infographic titled “Are You Doing Enough to Protect Your Customers’ Data?” staysafeonline.org/resource/protecting-customer-data
Question 7: Where can businesses look to learn more about respecting and safeguarding customer #privacy?
Answer: View #dataprivacy tips for both individuals & organizations here: quanterion.com/data-privacy-day-tips
and this @staysafeonline resource that includes data privacy advice for organizations: staysafeonline.org/data-privacy-day/about-dpd
Question 8: Do you have any other resources to share with the chat for #DataPrivacyDay?
Answer: DataPrivacyDay information: quanterion.com/quanterion-data-privacy-day-champ
Data Privacy tips: quanterion.com/data-privacy-day-tips
Data Privacy resources: quanterion.com/data-privacy-day-2021-resources
Data Privacy events: quanterion.com/data-privacy-day-2021-events