Protecting Privacy More and more aspects of our lives are connected to the internet, thanks to computers, gaming systems, household assistants, home robots, TVs, tablets, smartphones and wearables. This is the Internet of Things (IoT), the connections of our devices and the exchange of data from those devices over the internet to other devices or systems. This is why it is important to understand how our privacy may be affected by these exchanges and what personal information is used, collected and shared by organizations. Although IoT devices make it easier to connect to the world around us, they can also track and collect personal information – information about us, such as our activities, behaviors and interests, as well as contacts, photos, videos, location, health information, and financial details. Why Privacy Matters The data on our devices and apps can be stored indefinitely and used in both beneficial and unwelcome ways. Even seemingly innocuous information – such as our favorite restaurants or items we purchase – can be used to make inferences about our socioeconomic status, preferences and more. Some companies sell this information, and it may be used to build a larger profile based on cumulated data about us, which can contain information about our habits, interests, buying patterns, and health. Privacy settings on social media platforms do not always prevent personal information from being shared beyond the intended audience or alert users when their information has been shared. Online shoppers must be careful to protect their personal information and ensure that they are doing business over secure networks (e.g., https). E-commerce is an environment ripe for cybercrime with millions of consumers’ banking information, addresses, browsing preferences and other personal information potentially available. Advances in health care technology, such as digital record-keeping and internet-connected medical devices, come with a risk. Medical organizations and insurance companies, collect large volumes of data, including Social Security numbers, financial information, medical history and current health status. This data can be immensely valuable to cybercriminals and cause deep emotional stress if it is compromised, stolen or shared. Consumers should understand how their data is collected, used and shared to make informed decisions about data sharing and the risks associated with it. Managing Our Data Privacy We take our smart devices with us. Our smartphones, fitness trackers or smart watches are with us throughout the day. The apps on them can track and provide data about us and our habits. Following these basic privacy tips to help us better manage our personal information. Personal information is like money: Value it. Protect it. Information about us, such as our purchase history, location, contacts list or where we shop has monetary value. Be thoughtful about who is allowed access to it. Read the privacy policies, notices and user agreements, and make sure you agree with how your information will be used. Periodically review privacy settings. Set the privacy and security settings – and regularly review them – on web services and devices to your comfort level for information sharing. Each device, application or browser has different features to limit how and with whom data is shared. It is prudent we check these regularly and adjust them where needed. (Get direct links to update settings on popular devices and online services.) Share with care. Think before posting about ourselves and others online. Consider what the post reveals, who might see it and how it could be perceived now and in the future. Apply the golden rule online. Post only about others as we have them post about us. Keep a clean device. Keep all software, operating systems (both mobile and desktop) and apps up to date to protect against data loss from infections and malware. Delete unused apps. Protecting Our Data Data privacy and data security go hand in hand. Follow these steps to help protect your data: Use long, unique passwords. Thanks to automation, once a bad actor has compromised one password, they can easily bounce it around other sites to gain access to other accounts. Having long, strong and unique passwords for each account thwarts these “easy hacking” efforts and makes it much harder for hackers to crack a password in the first place. User password managers. Password managers have redefined data protection for individuals by providing a consolidated and secure hub for individuals to store their information. Password managers can generate unique, secure passwords and automatically store them. Use multi-factor authentication. When enabled, MFA can ensure data is protected, even in the event of a data breach. Advice for Businesses & Organizations Protecting your customers’ privacy is a competitive advantage. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth. Below are some tips to instill transparency and trust: If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from unauthorized access and use. Transparency builds trust. Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer might expect their data to be used and design settings to protect their information by default. Build trust by doing what you say you will do. Communicate clearly and concisely to the public what privacy means to your organization. Document and share the steps your organization takes to protect data and maintain privacy. Assess your data collection practices. Whether you operate locally, nationally or globally, understand and comply with the privacy laws, regulations and requirements that apply to your organization’s collection and use of personal information. Prioritize third-party cybersecurity and data protection practices. Organizations are responsible for how the third parties that they share data with handle and protect that data. Standards for the collection, use, maintenance and destruction of personal information must be upheld to the same level when this information is in the hands of third parties. Have a rigorous checklist in place to ensure your partners are taking data privacy and protection as seriously as your organization does. Adopt a privacy framework. Knowing how personal information is being used and protected within your organization helps to assess the risks and determine what steps are necessary to mature data protection. Researching and adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business practices. Embedding privacy at the start and throughout the data life cycle helps ensure that privacy practices are proactive rather than reactive. Educate employees. Ongoing training and awareness campaigns for employees are a must for organizations today, especially as the digital world becomes more and more driven by remote work. Related Resources Data Protection & Privacy
Protecting Privacy More and more aspects of our lives are connected to the internet, thanks to computers, gaming systems, household assistants, home robots, TVs, tablets, smartphones and wearables. This is the Internet of Things (IoT), the connections of our devices and the exchange of data from those devices over the internet to other devices or systems. This is why it is important to understand how our privacy may be affected by these exchanges and what personal information is used, collected and shared by organizations. Although IoT devices make it easier to connect to the world around us, they can also track and collect personal information – information about us, such as our activities, behaviors and interests, as well as contacts, photos, videos, location, health information, and financial details. Why Privacy Matters The data on our devices and apps can be stored indefinitely and used in both beneficial and unwelcome ways. Even seemingly innocuous information – such as our favorite restaurants or items we purchase – can be used to make inferences about our socioeconomic status, preferences and more. Some companies sell this information, and it may be used to build a larger profile based on cumulated data about us, which can contain information about our habits, interests, buying patterns, and health. Privacy settings on social media platforms do not always prevent personal information from being shared beyond the intended audience or alert users when their information has been shared. Online shoppers must be careful to protect their personal information and ensure that they are doing business over secure networks (e.g., https). E-commerce is an environment ripe for cybercrime with millions of consumers’ banking information, addresses, browsing preferences and other personal information potentially available. Advances in health care technology, such as digital record-keeping and internet-connected medical devices, come with a risk. Medical organizations and insurance companies, collect large volumes of data, including Social Security numbers, financial information, medical history and current health status. This data can be immensely valuable to cybercriminals and cause deep emotional stress if it is compromised, stolen or shared. Consumers should understand how their data is collected, used and shared to make informed decisions about data sharing and the risks associated with it. Managing Our Data Privacy We take our smart devices with us. Our smartphones, fitness trackers or smart watches are with us throughout the day. The apps on them can track and provide data about us and our habits. Following these basic privacy tips to help us better manage our personal information. Personal information is like money: Value it. Protect it. Information about us, such as our purchase history, location, contacts list or where we shop has monetary value. Be thoughtful about who is allowed access to it. Read the privacy policies, notices and user agreements, and make sure you agree with how your information will be used. Periodically review privacy settings. Set the privacy and security settings – and regularly review them – on web services and devices to your comfort level for information sharing. Each device, application or browser has different features to limit how and with whom data is shared. It is prudent we check these regularly and adjust them where needed. (Get direct links to update settings on popular devices and online services.) Share with care. Think before posting about ourselves and others online. Consider what the post reveals, who might see it and how it could be perceived now and in the future. Apply the golden rule online. Post only about others as we have them post about us. Keep a clean device. Keep all software, operating systems (both mobile and desktop) and apps up to date to protect against data loss from infections and malware. Delete unused apps. Protecting Our Data Data privacy and data security go hand in hand. Follow these steps to help protect your data: Use long, unique passwords. Thanks to automation, once a bad actor has compromised one password, they can easily bounce it around other sites to gain access to other accounts. Having long, strong and unique passwords for each account thwarts these “easy hacking” efforts and makes it much harder for hackers to crack a password in the first place. User password managers. Password managers have redefined data protection for individuals by providing a consolidated and secure hub for individuals to store their information. Password managers can generate unique, secure passwords and automatically store them. Use multi-factor authentication. When enabled, MFA can ensure data is protected, even in the event of a data breach. Advice for Businesses & Organizations Protecting your customers’ privacy is a competitive advantage. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth. Below are some tips to instill transparency and trust: If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from unauthorized access and use. Transparency builds trust. Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer might expect their data to be used and design settings to protect their information by default. Build trust by doing what you say you will do. Communicate clearly and concisely to the public what privacy means to your organization. Document and share the steps your organization takes to protect data and maintain privacy. Assess your data collection practices. Whether you operate locally, nationally or globally, understand and comply with the privacy laws, regulations and requirements that apply to your organization’s collection and use of personal information. Prioritize third-party cybersecurity and data protection practices. Organizations are responsible for how the third parties that they share data with handle and protect that data. Standards for the collection, use, maintenance and destruction of personal information must be upheld to the same level when this information is in the hands of third parties. Have a rigorous checklist in place to ensure your partners are taking data privacy and protection as seriously as your organization does. Adopt a privacy framework. Knowing how personal information is being used and protected within your organization helps to assess the risks and determine what steps are necessary to mature data protection. Researching and adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business practices. Embedding privacy at the start and throughout the data life cycle helps ensure that privacy practices are proactive rather than reactive. Educate employees. Ongoing training and awareness campaigns for employees are a must for organizations today, especially as the digital world becomes more and more driven by remote work. Related Resources Data Protection & Privacy