October 29, 2014
Information security is becoming a greater concern for businesses of all sizes.
Legislation of data privacy is an emerging field of law, and in the next several years, it may have global implications. Currently, there is no comprehensive law that regulates data. There are several state laws and guidelines put out by agencies on the matter, but these are meant to fill a void rather than be proactive measures for security. The amount of recent breaches has reinforced the fact that data privacy is going to be front and center in the legal arena in the coming years.
The Extent of Personal Data Available
For personal data privacy, lines are even more blurred. There is no set answer for what rights a person has online. Even discovering what information you have agreed to share with a company in the past is not necessarily transparent. In California, a right to know bill has been proposed to address that very situation, mandating companies to share with customers the data they’ve collected from them.Many internet users are unaware of the data they give permission to be mined on a daily basis. Companies and government agencies screen information, blurring the privacy line. Businesses that focus on the internet and technology must be particularly watchful for new legislation to ensure their own practices are not infringing upon the rights of others.
Ensuring Your Data Privacy
If a company has an online presence for trade, or if it keeps any client or customer information, seeking counsel about data privacy is a good idea. Being proactive with data privacy will prevent companies from fighting in court over the gray areas that exist in data privacy legislation today.
A starting place for companies is to be very secure with any information they have. Only keep data if it’s used for a specific need and only if it can be done in a secure manner. Retain recent data exclusively. Instating a policy of transparency about information is also beneficial; it reassures individuals that data is only being kept for their benefit and the needs of the company. However, it’s also important to have a policy and process in place for allowing individuals to see their data. Personal identification should always be verified.
Thanks for reading,
Rob Connary, President - COO