A core component of most privacy policies is personally identifiable information (PII). PII covers a broad range of information, from the basic contact information (e.g. name, address, email, phone, Social Security number) to medical records and biometric data. Any data that can be used to trace identity may be considered PII, which is protected under various laws and regulations.
Your business is collecting massive amounts of data about website visitors, customers, and employees. You’re likely storing this information in various databases and using it for business purposes. That leaves information vulnerable to misuse, theft or compromise.
- What PII your business is collecting, from the obvious — name and contact information — to the less obvious — credit card information, credit scores or transaction data
- How your company uses the collected data and for what purposes: If it is used for future communication, internal analysis or research studies. It’s important to be open about usage
- With whom you share information, including what is shared, when and why: This is an increasing focus of new privacy laws. And it needs to be detailed and clear in your policy
- How customers can see what PII is collected and stored
- Ways to correct or update their PII your business has collected
- Recourse customers have if there is a data breach
What States Have Data Privacy Laws?
The California Consumer Privacy Act (CCPA)is considered the most comprehensive state law related to data privacy. However, each state has some form of data privacy protection and more are likely to follow the Golden State’s lead.
While the United States does not have a federal consumer data privacy law, the European Union passed the General Data Protection Regulation (GDPR)recently, providing protection to EU residents.
If your business operates in multiple states or in Europe, these laws likely apply. In addition, establishing and using your privacy policies is an important first step to remaining on the right side of the law. And avoiding costly penalties.
To learn more about data security issues and privacy policies, contact the local managed IT services provider.
How to find interim staff for your organization
With the enlistment of ranking staff, requiring a great deal of time and cash venture, a developing number of organizations…