Organizations all over the world are concerned about privacy and the protection of personal information and so are we! In recent years, new, extra comprehensive data privacy laws have been enacted or proposed, and it has become imperative for businesses of all sizes and across all industries to prioritize the protection of personal data. We have compiled a list of ten data privacy and protection guidelines from around the world that businesses as well as you should be aware of.
1. The right to privacy and the protection of personal data are fundamental rights. Privacy is internationally recognised as a fundamental human right, alongside the right to free expression and assembly, and is enshrined in the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights. Individuals’ right to privacy includes the ability to determine who has information about them and how that information is used.
2. If your company experiences a data breach that violates the new regulations, you must notify the Information Commissioner’s Office (ICO) within 72 hours of the incident. This short deadline allows you to report the nature of the breach as well as the approximate number of people affected by it. People who have been affected should also be notified, even if this occurs before the incident is reported.
3. Identity theft is the most common motivation. According to 2018 statistics, the vast majority of data breaches are intended to steal people’s identities rather than credit card information. Indeed, 65 percent of data breaches result in identity theft, which costs users approximately $1.9 billion per year.
4. Personal data now includes a wide range of information, such as photos, bank account information, social media usernames and posts, medical information and IP addresses.
5. The GDPR’s definition of personal data is broad. Under GDPR, this definition is expanded and explicitly includes information from which an individual can be identified directly or indirectly by reference to an identifier (a piece of information/data that distinguishes you).
6. Problems can arise as a result of outdated software and operating systems. You should update your operating system and software on a regular basis, not only for new features but also to make it more difficult for hackers to gain access to your system. Because software and operating system developers are aware of which elements have become vulnerable to hackers, they release updates that address these issues.
7. Pre-ticked boxes or requiring users to actively opt out of communications will no longer be permitted under the new regulations. Instead, a double opt-in process will be required. Prospects must check a box to sign up for marketing communications and then confirm via email.
8. Consumers whose personal information you have collected now have the “right to be forgotten”. Their data must be completely erased if requested. This would imply that the data controller is responsible for informing other organizations linked to them, such as Google, to delete all copies of the data.
9. A single antivirus solution is insufficient. It is unlikely that a single antivirus solution will protect you from all possible attacks. The best solution is to scan your systems, web content, and email attachments with multiple solutions to increase the likelihood of detecting a threat.
10. Full records of all data processed by an organization, including the type of data and its purpose, must be kept on file. All participants will need to be given much more detailed descriptions of the purpose of data collection.
That was a brief this listing of key things you must be aware of regarding data protection. Do share the article with all your friends and family and help them be informed. Also, do check out our other articles on cyber security.
