If you ignore data privacy and protection, you risk substantial fines and, more importantly, irreparable damage to your company’s goodwill.
For business owners, it is crucial to consider your processes and to schedule annual compliance check-ups.
What do business owners need to know about data privacy?
There are foundational elements that all businesses which collect data need to know. I’ve summarized some key points to consider:
- Secure informed consent before any collection or use of personal information, and re-seek consent if data obtained later reused for a purpose other than the one for which consent was initially provided. If your company pivots, your policies must also pivot.
- Maintain a robust security practice for all data against risks such as loss or unauthorized access, destruction, use, modification, or disclosure of data.
- Regularly review (at least annually) the industry’s standard and go a step beyond that standard.
- Don’t transfer data to a third party you know (or should reasonably know) will use for discriminatory, fraudulent, or otherwise illegal purposes. Transfers to third parties should only occur if included in the privacy policy.
- Pursue privacy by design approach, which includes a method of protecting privacy by embedding the protection into your infrastructure’s technical specifications. This approach provides consumer opt-outs and limits information collection to what is necessary.
- When possible, create a simple, legal jargon-free option for customers regarding handling their data and easily accessible consent options.
- Enable transparency on the company’s privacy and security practices. If you do it, you disclose it. This includes providing clear disclosure obligations.
- Support all claims with objectively verifiable evidence. If we say it, we can provide proof of it (including the policy itself).
- If you collect any personal data on anyone in the European Union, you must comply with the GDPR: https://gdpr.eu/compliance-checklist-us-companies/
What to do next?
An actionable plan with the items above addressed can protect your company, customers, shareholders, and employees.
Feel free to reach out to our office to schedule a time to discuss your data privacy questions.
Business Law Articles:
- Dissolution of an Ohio LLC
- Data privacy and Internet Law
- What happens to your business when you die?
- Changes for Cincinnati Business Owners
- Owning a Horse and Estate Planning in Ohio – Avoiding Probate with a Trust
- Due-On-Sale Clause
- Changes for Cincinnati Business Owners
- Exempt Interests in Ohio – Asset Protection Planning
- Business Owners Guide to Copyright Claims Board
- Taxation for a Single Member LLC
- Changes to the Ohio LLC Act