How to Keep Your Customers' Sensitive Information Protected This Data Privacy Day

January 28 is Data Privacy Day, an international event with a mission to empower individuals about their data privacy rights and encourage businesses to respect privacy, safeguard data and enable trust. Many businesses collect sensitive or confidential personal data from their customers as part of everyday business operations. It’s important for small business owners to recognize the importance of data privacy, keep data safe from hackers and promote safe, responsible management of customer data.

In light of Data Privacy Day, we’d like to offer a few tips for how business owners can honor their commitment to keeping their customers’ privacy safe, with best practices and tools for data security and data privacy.

Data Protection and Privacy Changes Over the Last Year

Data privacy has become even more essential during the events of the last year, as millions of workers have started working from home in new ways, sometimes using personal devices for work purposes. Businesses need to be prepared to adjust their protocols for information security and data privacy in a remote world.

The health implications of the pandemic have also had an effect on data privacy. Contact tracing and medical records have become front and center for fighting the pandemic from a public health perspective, while needing to strike a balance with preserving individuals’ rights to their privacy as medical patients. The World Health Organization (WHO) put out a statement in November 2020 saying that any data collection, data usage or data processing that is part of fighting COVID-19 should be “rooted in human rights and implemented with due regard to applicable international law, data protection and privacy principles.”

Clearly, data privacy is top of mind. If your business needs to collect or manage sensitive data for your customers, whether it’s patient information or financial data or credit card numbers, Data Privacy Day is a useful annual reminder to strengthen personal data protections.

Top Data Privacy Precautions for 2021

The conditions of 2020–2021 are not necessarily bringing new threats to information security and data privacy, but the way people live and work now is causing more people to be vulnerable to scams.

Kevin Coleman, executive director of the National Cyber Security Alliance (NCSA), told Security Boulevard that “while we really haven’t seen new scams crop up as a result of the growing number of remote workers, what we have seen is the proliferation of the existing scams,” such as phishing schemes.

The Federal Trade Commission (FTC) has identified several coronavirus scams, such as fake contact tracers asking for confidential information, phishing emails claiming to be from reputable organizations offering vaccines and cures and scammers trying to trick people into giving money to fake charities. Be aware of the latest scams, train your employees on what to watch out for and help your people understand how to recognize scams and protect themselves (and your company) from fraudsters.

Best Data Privacy & Cybersecurity Tools for Businesses

Not every small business needs a full suite of enterprise-grade data privacy and cybersecurity security tools. But no matter what size your business is, there are a few tools that you should consider using to help protect your business’s data privacy and any customer data that you have to maintain.

• Password Manager: One of the most important data privacy protocols you can use is for your business is creating complex, hard-to-crack passwords. By using better passwords, you make it harder for hackers to break into your accounts or get into your system. Password managers like Dashlane and 1Password can help you create and use multiple secure passwords to protect your accounts from getting hacked. You won't have to worry about forgetting your password either or running the risk of using duplicate passwords across multiple sites.
• Two-Factor Authentication: One of the simplest steps you can take to protect your privacy, as a consumer or for your business, is to sign up for Two-Factor Authentication (2FA), also known as “multi-factor authentication.” When you use 2FA, you make your accounts virtually hacker-proof. Even if someone guesses your password, they cannot access your account unless they know an additional piece of information, such as a PIN sent to your mobile phone. Check out TwoFactorAuth.org for more info on which sites and organizations offer 2FA and how to sign up.
• Secure Messaging Apps: Many businesses use Facebook to engage with customers and accept customer inquiries via Facebook Messenger. It’s fine to participate in social media, but be aware that most “Big Tech” companies like Facebook and Google make money by using your data to sell ads. If you need to have more sensitive, private business conversations, there are other options for more secure messaging, such as the Signal app or even Apple's iMessage. These encrypted messaging tools have a higher standard of privacy than mainstream social media messaging.

Tips to Protect Data Privacy at Your Business

The Federal Communications Commission (FCC) recommends several cybersecurity tips for small businesses to help strengthen your data privacy protections, including:

1. Train employees on how to use strong passwords and how to use data security protocols to protect customer information.
2. Update your security software. Keep your systems clean with security software and antivirus software; make sure they are updated regularly to stop the latest threats.
3. Get firewall security. There is free firewall software available to protect your network from attacks. Check out this review of the best firewalls for small business in 2021.
4. Make a plan for mobile devices. What happens if your business’s mobile devices (laptops, phones, tablets) get lost or stolen? Make a plan to password protect your devices and encrypt the data so thieves can’t access your customer data or other sensitive business information.
5. Control access to your business computers. Every employee should have their own user account and login.
6. Use secure Wi-Fi networks. This can be done by securing your router and using strong passwords. Never access important company files while using a public or guest Wi-Fi network.

Don't forget about your website. Your business website is one of your biggest tools to reassure customers about their data privacy. Make sure to create a privacy policy for your website, explain how customer data is collected and used (if at all) and make guarantees about how you will never sell or disclose customer data to third parties. You can get a Privacy Policy Template with Bizee’s Contract Library.

Taking your customers’ data privacy to a new level of security in 2021 will be essential as we continue to battle threats to information security and data privacy. Use this Data Privacy Day to strengthen your data privacy plan for the protection of yourself and your business.