As the leader of a global privacy team, I promote privacy best practices every day, and I always welcome the opportunity to talk about the importance of privacy to individuals and organizations. Did you know that January 28 is Data Privacy Day? The annual celebration is becoming more popular and helps serve as a reminder that privacy matters each and every day.

Everyone has a role to play when it comes to privacy because everyone has personal data—whether it is their own personal data or the personal data of others. Poor privacy practices can lead to unwanted access to and misuse of personal data. This can result in harm and mistrust. Everyone should have a reasonable degree of privacy knowledge to help reduce these risks.

Here are some quick tips to keep in mind.

Privacy is about more than just sensitive details

When I ask people who don’t work in privacy what they think privacy programs and laws protect, they often refer to health information, tax records or bank accounts. While all of those are correct, personal data includes many other types of information such as a resume uploaded to a job site, use of a fitness or games app, internet search and browsing history and social media activity, including photos, likes and comments. It is important to be aware of the many types of personal data you may share throughout the day in many different environments, whether online or in person.

Bad security practices can put your privacy at risk

You have likely heard this guidance before, but it’s worth repeating. Don’t use common, easily guessed passwords, the same password for many (or all) websites, or share passwords with others—even people you may know and trust. Why? If your account is compromised on one site, then it opens the door for unauthorized access to your other accounts with a shared password. The same holds true for writing passwords down or storing them in text form on your phone. You should also pay attention to your surroundings, such as sharing sensitive information on the phone in a public area or sharing more information than you need to complete the task. When you handle personal data with care, you reduce the risk of the information being compromised.

Browser beware

Pay close attention to the websites you visit, even those that might not expressly ask for any personal information. If you don’t see a privacy notice on the site, that may be a sign that the website owner has not focused on privacy compliance. Be thoughtful about what personal information you share on the internet and consider whether you are sharing in a section of the website open to the public (such as a chatroom) or privately (such as through a secured form). You’ve likely seen cookie notices asking you to confirm or accept a website’s use of cookies to proceed. Take time to review the options presented to you, as they often determine how the site stores and uses your data. 

While individuals can take steps, such as the tips above, to protect their personal information, organizations collecting and using personal information have privacy obligations they must meet. Failure to comply with global privacy laws and reasonable privacy practices puts those organizations at risk for fines, penalties and reputational damage.

Learn more

To learn more about privacy, risk and how companies like Red Hat manage their privacy compliance obligations, check out this episode of Security Detail where I share my perspective.

Technology will continue to evolve and this will lead to even greater privacy implications. Companies and individuals must remain vigilant about taking appropriate measures to protect personal information. You play a critical role in protecting the privacy of information that may be important to you, your friends and loved ones, or your employer. Keeping privacy top of mind is a great way to play your part.

 


저자 소개

Clarence Clayton is Senior Manager of the Global Privacy Team at Red Hat. He has been with the company since 2013 and leads a team responsible for the management, implementation and growth of Red Hat’s Global Privacy Program and helping ensure the company complies with global data privacy laws. He is a Certified Information Privacy Manager (CIPM), Certified Data Privacy Solutions Engineer (CDPSE) and Project Management Professional (PMP). With over twenty years of experience in Business Systems Analysis and Program Management, he has a demonstrated track record of success across various industries including Technology Services, Consulting and Government.

Read full bio