These days, it seems that new laws regarding data privacy are being put into place everywhere in the world. However, why should you or your IT team be concerned about what’s happening with data protection if it isn’t happening in the UK? The truth is that data privacy should be a top priority regardless of which laws may currently be in place or where.
What You Can Do To Increase The Focus On Privacy
Increasing the focus on data privacy begins with understanding the needs of the various departments in your company.
You need to know what kind of data is important to all departments. What data they need to keep and why should be your first question. Then, you need to be aware of how long they must keep their information. Once you know the answers to these questions, you can know what impact each department’s data retention needs will have on your ability to control data privacy.
The industry your company is in will also play a role in your ability to keep data private. You need to know and understand the industry and what is required from your company in order to comply with industry regulations. This can include legal issues, contracts and statutes of limitation, all of which will affect data privacy.
Taking A Second Look
Although you may conduct regular inventories of your data, it’s a good idea to reconsider the data being kept as well as the solutions that are in place to store it. The goal should be to reduce the exposure of customer and employee data, but keep an amount of data that is sufficient to meet the requirements of your company.
The efficiency of your data storage solutions also need to be reconsidered. For example, if the amount of space required for data storage has grown beyond what your company can handle, it may be time to seek a managed service.
Legal Matters
The current state of data legislation, as well as the scope of possible future changes, must be well-known by your team. Despite the UK’s recent decision on EU membership, new data laws imposed by the EU will still affect UK businesses, as they apply to any entity that holds European data, regardless of whether that entity is in or outside of the EU.
Under these new laws, for example, you must consider that consumers will have the right to transfer their data from company to company, such as when switching from one online retailer to another. Consumers will also have the right to have their information completely forgotten, including their entire web history, if they request it.
Any serious data breaches which occur with any tech firm will have to be reported within 72 hours to regulators. As well, a data protection officer will need to be appointed by any company which handles significant amounts of data.
Considering the many legislative and other changes centred on the privacy of data, it makes sense to always keep the privacy of customers and employees at the forefront of your concerns. The best approach is to be aware of how much personal information is being kept, and how your company and your department handle it.
At the same time, the focus needs to be on best practices, not only for the handling of data, but also the handling of devices which may hold, store or transfer it.
Dealing With Your Assets
Hard drives, mobile phones, USB keys and DLT tapes are all used to access, store and transfer data. As a result, they must be handled with the utmost security, both while being used and when it’s time to discard them. Data sanitisation is the best way to ensure that sensitive data doesn’t get into the wrong hands when you reuse or resell your assets.
We use Blancco software to ensure that all of your devices are completely wiped of data. You know all of your assets are secure at all times, as they never have to leave your premises.
