Articles

10 data privacy ‘manager-approved’ best practices

Businesses collect a mind-bogglingly large amount of data everyday and implementing a comprehensive data privacy program isn’t easy. It can require changing mindsets, securing budgets, changing vendors, maintaining process inventories, holding training events, adopting a privacy governance model, new levels of accountability and more.

Are you exhausted after reading the previous sentence? Yes, it can be resource-intensive and demanding.

These days, businesses are aren’t just improving data privacy protections to comply with regulations; an increasing number of businesses recognize that stronger data privacy measures add new business value. Data privacy protections can function as competitive differentiators, can limit actual data breaches, and can reduce costs associated with breaches.

Get ready for data privacy day on January 28th, and share these data privacy best practices among your colleagues and peers.

  1. Adopt an enterprise data governance strategy. Develop a vision and confirm that the governance strategy aligns with overall corporate objectives and growth plans. Make sure that businesses and functional leadership approve of and support new data governance initiatives ahead of implementation.
  2. Show program value. Develop realistic goals and expectations for your business’s data governance programs. Benchmark appropriately. Take a straightforward, no-nonsense approach. Measure program success to ensure program alignment.
  3. Know your data. Ensure that the appropriate persons within your organization are aware of what data is being collected, which data is used for analytics purposes, and which data you’re not using. Dispose of data that your business has on-hand but doesn’t actually need, as it may pose undue security risks. After all, cyber criminals can’t steal what’s not there.
  4. Review your data collection process. Look at the policies and collection practices in place. Then, find out about exactly what kind of information your organization collects and is potentially liable for protecting. Previously, businesses operated in the “more data is better” mindset. But avoid collecting data simply to have it available for unspecified future use, as it will impose storage costs and security stress.
  5. Implement password protections. By some estimates, nearly 80% of data breaches are connected to password theft. Ensure that your employees turn on multi-factor authentication where possible, and use password managers. Security professionals can also implement role-based access controls and password reuse detection solutions.
  6. Backup your data. Secure data backups are part of strong business continuity plans. If cyber criminals get ahold of business data, they can hold it hostage for long windows of time, or they may simply delete it altogether. Data can also be compromised via natural disasters; from fires to floods. If you haven’t already, consider implementing the 3-2-1 approach to backups.
  7. Security for backups. Cyber criminals don’t need to break into your networks in order to steal your data. They can steal it from backup vendors’ devices or networks. Ahead of signing agreements, evaluate your backup storage group’s security measures.
  8. Inform your clients. As many as 50% of consumers are uncomfortable with amorphous and opaque data privacy practices. While you obviously won’t share every detail about your security practices, providing consumers with a general overview of measures in place to protect data can help build trust, loyalty and a competitive brand identity.
  9. Communicate policy changes. Assign a person or a department the responsibility of communicating with external parties and clients about data privacy changes. Messages should be written in plain language, and some experts recommend including a mechanism that allows consumers to provide feedback pertaining to any privacy policy changes.
  10. Ask thoughtful questions. Drive new conversations around appropriate leadership, structure, resources and supports for addressing data privacy management. Inquire about and explore how your businesses’ efforts align with industry standards and competitors’ data privacy programs.

Conclusion

As many as 97% of brands have benefitted from putting a higher premium on data privacy. Specifically, they’ve zeroed in on at least one benefit available via privacy investments. For 75% of brands, at least two positive outcomes were recorded after improving data privacy measures.

Although implementing new data privacy approaches can appear daunting, end results typically justify the efforts.

Interested in more data privacy resources? Click here. Lastly, please join us for the premiere cyber security event of the year, CPX 360 2022. Register here.

Back to top button