Data Privacy Basics: High School Experiences Provide 3 Key Lessons For Business
I often recall the “adventures” I had with my closest friends back in high school. We kept these shared experiences to ourselves with the knowledge that if our peers or parents found out, it would be embarrassing at best and punishable at worst. Over time, the memories have faded or have lost their significance, but the details helped us build a profile of each other: our likes and dislikes, lifestyle preferences, spending habits and more.
The information businesses gather is not that different. For example, we share shopping experiences with consumers, gathering their preferences in products, their contact information, and their financial account data. These shared experiences help us build profiles of and relationships with consumers, which are key to generating revenue and keeping businesses thriving. But with our increasing ability to collect and analyze personal information, consumers have grown concerned about how we protect their data. Forty-six states have responded with statutes to protect their residents.
Business stakeholders need to comply with the laws of each state in which their consumers (and employees) reside, a complex undertaking at best. However, there are three basic lessons we learned in high school that can help. As was the case when we were teenagers, the cost of taking these steps is low, but the cost of failing to safeguard information can be high.
Set expectations. Close friends implicitly know how much personal information they can share. For consumers, you need to be explicit by creating and sharing a privacy policy. This internal document lets employees know what personal information they may collect and how to protect it. And it defines how your business respects the responsibility of protecting personal information.
Based on the policy, make a privacy notice available for consumers. It should tell them what personal information you collect, how it's collected, and how you protect it. It's vital to do what you say in these documents, or the damage that could be done to your brand will significantly affect your revenue.
Keep personal information to yourself. If you broke a friend's trust, you'd probably lose the friend and have difficulty finding new ones. The same is true with customers.
Protecting information you have collected with computer safeguards such as encryption, firewalls, and anti-virus software is critical. Depending on the complexity of your IT infrastructure, many of these items are part of modern operating systems or available at reasonable cost.
In addition, your business practices may involve sharing information with suppliers and service providers. A review of these practices will determine if you share too much information or are putting information at risk.
Forget things over time. As time passes, we forget the details of some things and forget others completely. These memories added to our experiences, but they have lost their individual value to us. The same is true for personal information you have collected.
Establishing a data retention and disposal policy will set guidelines for your staff to destroy information that's no longer useful. An immediate, bottom-line benefit is that you'll free up data storage space, saving you money. More importantly, you cannot lose what you don't have. n
Bob Siegel is founder and chief
privacy strategist at Privacy Ref, a Westborough-based provider of data privacy and security services for
small businesses. Email him at
bob.siegel@privacyref.com.
Read more
WBJ Web Partners
Most Recent
Most Recent
0 Comments