Data privacy refers to the handling of personal data. When it comes to their personal information, people have very specific rights. We need customer and employee personal data to run our business successfully. We are trusted to look after this essential information. Mishandled data can have serious repercussions for us, our colleagues and our customers. Each and every employee has a responsibility to understand how to handle and protect personal data.
The Privacy Principles
COMPLIANCE WITH THE LAW AND ACCOUNTABILITY:
means we are responsible for, and are able to show, compliance with the law.
FAIR AND LAWFUL PROCESSING:
means we must only collect and use personal information that is relevant.
SHARING OF PERSONAL INFORMATION:
Unless we obtain consent for sharing, we are not allowed to share personal information with any third party.
TRANSFER OF PERSONAL INFORMATION ACROSS BORDERS:
means we have to follow legal requirements which may include notification of the individuals.
INFORMATION QUALITY & ACCURACY:
Personal information must be accurate and be kept up to date.
PROTECTING PERSONAL INFORMATION:
means we have to keep personal information safe.
RIGHT OF ACCESS:
means people can ask, free of charge, what personal information we hold about them, what it is, and who we have shared it with. They can also ask to have it corrected or deleted.
The Global Data Privacy Landscape
As data controllers, we need to comply with the data protection regulations and rules, and to make sure you are familiar with them as well.
U.S. Data Privacy
In the U.S., data privacy is protected under a complex framework of federal and state law. Federal laws protecting personal information are sector-specific, including personal health information, educational information, children’s information, and financial information. These different kinds of personal information are protected under an “alphabet soup” of specific federal laws, including:
- The Health Insurance Portability and Accountability Act (HIPAA)
- The Family Educational Rights and Privacy Act (FERPA)
- The Children’s Online Privacy Protection Act (COPPA)
- The Gramm-Leach-Bliley Act (GLBA)