Well, if Star Wars (May 4) and doughnuts (first Friday in June) can have their own day, you would hope a day might be dedicated to reminding us all about the importance of privacy and increasing awareness of ways we can empower ourselves and our clients to better use and protect personal information. Data Privacy Day began as Data Protection Day in Europe. The day commemorates the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. As the Convention was signed on Jan. 28, 1982, Data Privacy Day is observed annually around the world on Jan. 28.
So, like many reflections you might ponder this time of year, let Data Privacy Day serve as the perfect time to stop and reflect on how your company is using personal information. Do you know:
- What personal information you collect and why?
- From whom you collect personal information?
- With whom you share personal information?
- Which law(s) or contracts may apply to your use of personal information?
- Where, both physically and technically, you store personal information?
- The safeguards in place around your personal information?
- Administrative safeguards (i.e. policies, procedures, contracts)
- Technical safeguards (i.e., encryption, firewalls, 2 factor auth.)
- Physical safeguards (i.e. passkeys, locks, IDs, visitor mgmt.)
If you don’t know the answers to these basic questions, you really should wonder if you should be using personal information. The good news is that if you don’t know the answers, you are not necessarily alone. You can do a lot to find out the answers in a short period time. It doesn’t have to be complicated or expensive, but you have to get started and put a plan in place.
So, let Data Privacy Day be your new year’s resolution to get serious about data protection. Who knows? You might learn a lot about your company, its business and maybe find ways to improve both! And, as always, please celebrate responsibly.