
DATA PRIVACY FOR YOUR BUSINESS

Businesses of all sizes, not just big companies, are held accountable for complying with federal and state customer data security and privacy laws. As a matter of fact, customers have become extremely nervous about doing business with your organization, regardless of its classification.

Did you know:

  • 85% of Americans are worried about becoming victims of identity theft.
  • 64% of consumers say they have decided not to buy a company's product or service because they did not know how the company would use their personal information.
  • 58% of consumers say if they were confident a business followed its declared security and privacy policies, they would recommend that business to family and friends.

Source: Privacy & American Business¹.

There is a huge misconception among information security professionals today that data privacy laws are not applicable to private companies, but are only designed for publicly traded companies, government organizations or large financial institutions. This is not the case. Whether your company is public or private, large or small, today's information privacy regulations may affect you and your organization on many different levels, not just financially and legally.

Failing to integrate good security practices within a private organization can affect a company's bottom line, customer retention, business reputation and employee morale. In fact, there are dozens of privacy laws pertinent to all types of companies and more are on the way. These issues cover all facets of the information security landscape where governments and individuals are insisting on accountability from private corporations to control their data.

When categorizing public and private information, private or non-public information means information that is not generally available from public records or commercial sources. Non-public information can include information that is protected from disclosure by law or by custom, such as medical records, employment records, tax returns and personal financial records. Typically, private information can only be released to the subject of the information, to those individuals who have a legitimate need-to-know, to outside entities with the subject's written permission, and to others as allowed by law. A few examples of private information for businesses can include: