On January 28th, we celebrated Data Privacy Day: an international effort to empower individuals and business to respect privacy, safeguard data, and enable trust.

Defendify was a Champion of Data Privacy Day again this year, and as part of our commitment we’ve gathered a few of our key takeaways from Data Privacy Day 2020—from big privacy topics for Small Business to a noteworthy new resource.

Privacy is Good for Business

One of the National Cyber Security Alliance’s key points around privacy couldn’t be more true in 2020: privacy is good for business, especially for cybersecurity-first companies. Your customers, whether you sell B2B or B2C, are becoming increasingly aware of (and concerned about) their information. Transparency and communication show that you can be trusted—a competitive advantage in a world of uncertainty about personal data.

Stepping up to the plate on privacy means doing more than just having a privacy policy in place: it’s truly and holistically focusing on privacy in your organization. It’s understanding the difference between privacy and security and how the two work together. It’s building a culture where customer privacy is encouraged and respected by all. It’s protecting your employees’ privacy in the workplace and educating them about how to protect their own privacy at home.

Next Step: Download the Privacy is Good for Business Tip Sheet for key concepts around data privacy for your business.

Who do you trust with your data?

“If you’re not paying for the product, you are the product.” While this common saying isn’t always true to the letter, the idea is that when you use a free service, you’re usually making an indirect contribution. Often, you’re simply viewing ads that the company can sell to make a profit. But sometimes, and more relevantly, you’re sharing another “product” the company can use and sell: your data.

While regulations work to provide individuals more ownership over their data, companies aggregating and selling information is a part of life in today’s world. But with even some security software companies being criticized for selling users’ information—and not as anonymously as they might like—it’s smart to be cautious when using third-party tools in your business.

Next Step: Begin evaluating the vendors and services you use (even the free ones!) through a lens of security and privacy to help you make an informed decision.

The NIST Privacy Framework

The National Institute of Standards and Technology (NIST) Privacy Framework is a new resource that aims to help organizations identify and manage privacy risk to build innovative products and services while protecting the privacy of individuals. Version 1.0, published in January 2020, was created as a collaboration between government, academia, and industry stakeholders.

Similar to the existing NIST Cybersecurity Framework, the Privacy Framework is a voluntary tool and isn’t specific to laws or regulations—it shares best practices for privacy risk management, privacy design, and individual protections. It can be used to support building customer trust, meeting compliance objectives, and improving privacy practices in your business.

Next Step: Check out the Privacy Framework on NIST’s website, familiarize yourself with the key concepts, and consider taking steps towards implementation.

Data Privacy Day is held on in January every year, but for Small Business, data privacy is a concern year-round. Stay #PrivacyAware out there!

Stay Safe,

Your Friends @ Defendify