It might seem incongruous to publicly celebrate privacy. Nevertheless, today there is clearly an expectation that sensitive data must be kept private. Considering that many organizations don’t know how to effectively safeguard data, it’s really not that incongruous to spur them on by shouting about data privacy from the rooftops—and even making a day of it.
Data Privacy Day takes place every year on January 28 and serves to generate awareness of the importance of privacy and protecting personal information. This year’s theme is one of encouraging individuals to “Own Your Privacy” and businesses to “Respect Privacy.”
At Protegrity, one of our core tenets is that privacy is a fundamental human right, and our aim is to protect the digital privacy of businesses and their customers around the globe. We believe the way to accomplish this is to focus on people first, not just data and technology. The numbers support us.
Data Privacy by the Numbers
- By 2023, Gartner predicts that 65 percent of the world’s population will have its personal data covered under modern privacy regulations, up 10 percent from 2020. As cyber-attackers continue to develop increasingly sophisticated hacking methods, it’s imperative for organizations to prioritize modernizing their data privacy standards and tools.
- Seventy percent of organizations surveyed by Cisco said they have seen “significant” business benefits—including operational efficiency, agility, and innovation—from prioritizing data privacy. Preserving data privacy is not an impediment to innovation. When data privacy is done right, organizations can confidently use their data to drive advanced analytics and AI initiatives.
- Smart use of data drives results. By incorporating secure AI into customer experience (CX) strategy and marketing initiatives, 24 percent of organizations surveyed by the IBM Institute for Business Value said they are able to make quicker, more informed decisions. A commitment to protecting customers’ sensitive data must underpin every CX initiative.
Data-Privacy Tips for Businesses
Privacy, at its core, is fundamental to creating trust, especially when customers are confident that sensitive digital information is safeguarded. Here are nine tips to consider when trying to protect sensitive information in your organization:
- Create a company culture that highly prioritizes data security and privacy. Emphasize to employees and staff at all levels that security is everyone’s responsibility.
- Start by securing your business at the data level, not the perimeter. As more data is used outside the network perimeter, adopt an inside-out, rather than an outside-in approach to data protection.
- Use fine-grained data-protection methods to reduce risk and achieve compliance without slowing down mission-critical data analytics and AI/ML initiatives.
- Remember: Your cloud provider is responsible for securing the cloud infrastructure; you are responsible for securing your data, especially as it moves to and from the cloud.
- Establish role-based access control systems within your organization to control who sees what data.
- Incorporate privacy by design into your software development lifecycle (SDLC). Data privacy and security are integral to each other and should be prioritized throughout the SDLC.
- Establish a dedicated data-security role within your organization responsible for overseeing all data-security and data-protection strategies.
- Breaches are all but inevitable (SolarWinds, anyone?), so focus on protecting sensitive data via encryption or pseudonymization to ensure that if the data is ever accessed by a cybercriminal, the sensitive elements will be worthless.
- While true anonymization is the most foolproof way to secure data, it renders that information permanently unusable with protection that cannot be undone for future AI, ML and analytics projects. Using encryption, tokenization, or pseudonymization to secure sensitive data will allow for future use.
Data-Privacy Tips for Individuals
For your customers and for all individuals, protecting personal data privacy does not solely rest in the hands of businesses. How people share data, use apps, and even dispose of mail can compromise data privacy. Here are six tips for how individuals protect privacy:
- Be smart about how, where, and with whom you share seemingly innocent, but very personal, information. Many social media questionnaires that ask for your pet’s name, the street you grew up on, or your first car can be phishing traps.
- Treat your personal information as if it’s cash and be judicious when making the decision whether or not to share your data with a business. Consider the amount of personal information they are asking for and weigh that against the benefits you are receiving in exchange.
- Regularly check your internet browser, device (phone, computer, or tablet), and app privacy settings to ensure they are aligned with your comfort level for information sharing.
- Turn off location services to any apps that don’t need it for basic functionality. Yelp, Uber Eats, and Wayz all require your location to work properly. Facebook, Instagram, and TikTok don’t need unfettered access to your current location. And for those that do require your location, consider only allowing this access when the app is in use.
- Rip out and shred or obscure your name and mailing address before disposing of or recycling regular mail and packages as a way to prevent identity theft.
- Before you share information at your workplace, a business, your child's school, or a doctor's office, ask why they need it, how they will safeguard it, if you are required to share it—and what the consequences of not sharing are.
Data Privacy Day might be celebrated every January 28, but data privacy should be a priority every day of the year—for both businesses and individuals. To learn more about Data Privacy Day, please visit https://staysafeonline.org/programs/data-privacy-week/about/, or follow #PrivacyAware and #DataPrivacyDay on social media.