Data Privacy Day (Cue The Parade)!

Data Privacy Day

On Sunday, January 28, the United States, Canada, India and 47 European countries will celebrate Data Privacy Day, an international day established to raise awareness of the importance of data protection and to promote privacy and data protection practices. But did you know that the roots of this day didn’t first grow in American soil? The Council of Europe initiated the first European Data Protection Day in 2007. Then, in 2009, the U.S. House of Representatives passed a vote declaring January 28 as National Data Privacy Day annually.

The point of Data Privacy Day is to make individuals and companies aware of who is holding personal data and what are they doing to protect it. For companies, it is an opportunity to promote trust between them and their customers to protect data at all times. While this day isn’t yet as well-known and celebrated as some other major holidays, the message behind it is strong: all business and customer data is important and must be protected.

How does Data Privacy Day affect individuals?

Most individuals aren’t aware of what personal data of theirs is being captured and how it’s being used. Data isn’t exclusive to what people are voluntarily sharing online through social media platforms like Facebook and Twitter. Organizations constantly gather data on their customers (i.e. their shopping habits, airline seating preferences, etc.) and their Personally Identifiable Information (PII) (i.e. social security numbers, tax filing and return information, and medical records) – all of which must be protected continuously.

We all click on User Licenses when we install software or check the mailing list button on a website, but how many of us really know what data is being held and how companies are using it? For individuals, Data Privacy Day is a way to educate everyone on taking responsibility for their own data.

Are there misconceptions about cloud-stored data?

One big misconception is that data in the cloud is not secure. In most cases, data in the cloud is more secure than data outside of it. There is a massive, ongoing shortage of cyber and security resources worldwide so all/every resource available needs to be leveraged as part of an organizations’ security portfolio. Some cloud vendors have the security resources that many IT departments don’t have or can’t afford, creating an extra layer of security to protect the data. That said, not all cloud vendors are created the same, so due diligence needs to be performed.

How can cloud providers make sure data stays safe?

With the onset of General Data Protection Regulation (GDPR) in May 2018, organizations that conduct business in Europe have to take a serious look at how they protect PII and how well that data is secured. They are also required to gain permissions before using data for purposes other than the original intent. As a result, many organizations will have to provide more information about what data they hold and how they protect it.

GDPR will force organizations to enact several improvements in the coming months, including:

  • Understanding where PII data is held, how is it processed, how it is protected, and who has access to it
  • Encryption of data in all stages (at rest, in use, and in transit)
  • Revising internal processes to protect who has access to PII data within a company and ensure it is on a “need to know” basis
  • Revising current data retention policies to ensure only the data needed is stored
  • Implementing the ability for a customer to be forgotten. This will be a major undertaking for most companies but will result in substantial fines for organizations found in breach of GDPR.
  • Providing customer service capabilities to respond to customers who call to ask about their data or to be forgotten. This will be a major cost for companies going forward.

Any recommendations for anyone worried about data privacy and safety?

If you’re worried about your data (what’s being held and how it’s protected), you should first contact the vendor holding the data to ask what is being held. Then, take steps when providing your data either in-person or online – make sure you understand what data is being captured and how it is being used. We don’t have to become lawyers and read every contract, but at least be aware of the collection statements when entering data. When you have to provide data, be careful about what you opt to share and – if possible – share the minimum.

Thoughts on Data Privacy Day

Data Privacy Day is a great awareness tool and sparks much needed conversations both for individuals and organizations. Educating individuals and organizations on how to protect data is the first step in the battle for data privacy. The true data privacy lessons will come from enforcing regulations such as GDPR or when organizations attacked by cyber criminals quickly take action to fix the lack of data security practices. We need to take responsibility as individuals to protect our data. For those of us in IT, we need to think data protection in all that we do.

By Daren Glenister

Steve Prentice

Cloud-Based Financial Software Reinforces the 80/20 Rule of Business Management

Cloud-Based Financial Software Sponsored by Sage 50cloud Small businesses are known for being innovative and customer-focused in a way that their larger competitors cannot. This transforms into a significant advantage. In fact, the ability for ...
Dan Saks 1

How the Cloud Will Transform in the Next Decade

Transformative Cloud Silicon Valley is easy to stereotype: the gadgets, the startup perks, the culture and mentality. However, the real reason Silicon Valley captures headlines is its market dominance. The rise of the FAANGs—Facebook, Amazon, ...
Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

An interview with Johan Christenson, CEO of CityNetwork With the world focusing on the big three hyperscalers, there is still room – and much necessity for – more local cloud providers who are better suited ...
Karen Gondoly

Lessons Learned When Moving to the Cloud

Moving to the Cloud Lessons At Leostream, we work with organizations around the globe that are moving workloads to the cloud. These organizations span a wide range of industries, vary in company size, and typically ...
Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs

Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs

Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs Proven methods to increase VA containment & customer satisfaction The virtual agent’s market is at an all-time high and is garnering more and more interest ...
Mark Barrenechea

The Digital Era Moves Into The Information Era

We have entered the Information Era Building on the groundwork of automation, connectivity and computing power that defined digital, the Information Era is characterized by our unprecedented ability to capture, store and make sense of ...