Why does data privacy matter?

By: Elliott Stapleton

If you ignore data privacy and protection, you risk substantial fines and, more importantly, irreparable damage to your company’s goodwill.

For business owners, it is crucial to consider your processes and to schedule annual compliance check-ups.

What do business owners need to know about data privacy?

There are foundational elements that all businesses which collect data need to know. I’ve summarized some key points to consider:

  • Secure informed consent before any collection or use of personal information, and re-seek consent if data obtained later reused for a purpose other than the one for which consent was initially provided. If your company pivots, your policies must also pivot.
  • Maintain a robust security practice for all data against risks such as loss or unauthorized access, destruction, use, modification, or disclosure of data.
  • Regularly review (at least annually) the industry’s standard and go a step beyond that standard.
  • Don’t transfer data to a third party you know (or should reasonably know) will use for discriminatory, fraudulent, or otherwise illegal purposes. Transfers to third parties should only occur if included in the privacy policy.
  • Pursue privacy by design approach, which includes a method of protecting privacy by embedding the protection into your infrastructure’s technical specifications. This approach provides consumer opt-outs and limits information collection to what is necessary.
  • When possible, create a simple, legal jargon-free option for customers regarding handling their data and easily accessible consent options.
  • Enable transparency on the company’s privacy and security practices. If you do it, you disclose it.┬áThis includes providing clear disclosure obligations.
  • Support all claims with objectively verifiable evidence. If we say it, we can provide proof of it (including the policy itself).
  • If you collect any personal data on anyone in the European Union, you must comply with the GDPR: https://gdpr.eu/compliance-checklist-us-companies/

What to do next?

An actionable plan with the items above addressed can protect your company, customers, shareholders, and employees.

Feel free to reach out to our office to schedule a time to discuss your data privacy questions.