By: Linda Coniglio, Director of Data Privacy and Information Governance | Innovative Discovery
Fact: 68% of business leaders feel their cybersecurity risks are increasing. It goes without saying, then, that if data privacy and security have been on your mind, or a more frequent topic of discussion at your organization, you’re not alone.
Data Privacy Day is about raising awareness
Many executives, managers, and other leaders have questions about the privacy regulatory landscape. To help answer those questions and raise awareness about Data Privacy issues, Data Privacy Day is an annual event taking place on January 28th. It aims to educate and empower individuals and organizations to respect privacy, safeguard data and enable trust.
Key objectives about data privacy law
At Innovative Discovery, we track the many laws, regulations and standards that impact the way our organizations collect, store, protect and govern corporate data. Not everyone needs to be privacy or security experts, but everyone needs to know and do enough to understand and apply these laws and underlying principles to daily work activities. Here’s a high-level overview of major privacy regulation objectives:
- Individuals have the legal right to control their data and take recourse if companies don’t respect those rights. The protection of Personal Information (PI) from internal and external bad actors is paramount for organizations and their vendors.
- Individuals must be notified in simple-to-understand text when their data is being collected, for what purposes it is used and with whom it is shared or sold. Individuals must be given a simple, convenient way to opt-out. However, some laws specify opt-in is the requirement.
- Employees must be trained to reduce risk involved when governing personally identifiable information of both customers and employees. Understanding and respecting privacy helps earn customer trust and avoid penalties.
Finally, we are really at the beginning of a data privacy regulation wave, so-to-speak. The big kahuna of privacy regulations starts with the European Union and General Data Protection Regulation (GDPR). This regulation is widely considered the global standard for privacy protection and is many times the starting point for laws in the US and other countries. For example, in the US, the California Consumer Protection Act went into effect January 1st, 2020.
As with any other significant regulatory or industry change, it’s better to stay in front of the wave with a proactive plan, rather than being reactionary to the consequences of a violation or breach. Whether you’re ready to implement change now or later, the following information can serve as a guide and plan to setting you and your organization up for success! Learn more about data privacy law compliance.