Data protection affects almost everybody and everything that we do. From high-street and online shopping, banking, booking holidays, to tracking exercise activity.
Whilst most of us are generally aware of the risks involved when sharing personal data, we may not fully grasp the potential impact of unauthorised access to our information. We may also not appreciate there are ways we can better protect our sensitive data.
Data Protection Day is celebrated, every year, on 28 January, which is the anniversary of the Council of Europe’s data protection convention being opened for signature.
To celebrate Data Protection Day (typically known as Data Privacy Day outside Europe), governments and organisations around the world carry out activities to raise awareness of the importance of protecting our personal information.
Here are some of the ways you could mark Data Protection Day, and ways you can become more informed about data protection.
Keeping Personal Information Private
A vital lesson regarding data protection is to understand the impact of handing over our personal information.
We often leave trail without realising it, posting about our lives and activities on social media or open forums. At other times, when we sign up for a service or purchase a product, we’re often asked to supply information about ourselves upfront.
Sometimes this is necessary, and the information requested is reasonable in the circumstances. For example, if you’re paying for a product, you clearly need to hand over your payment information. But other times we should question why we’re being asked to provide details, seemingly irrelevant to the transaction.
Why, for example, would we need to provide an email address when buying something in a high-street shop or why would we need to create an account to read an article on our local newspaper’s website?
It’s easy to just accept these sorts of practices without questioning and say that it’s just how the world works these days. But every time we hand over personal information, we create one more place from where our personal data could be taken and misused and increasing the chance that we could become victims of identity fraud.
The bottom line is that we all need to think more carefully before handing over personal data in day to day transactions. Every time you are asked for personal information, you should question whether it’s reasonable and whether you are comfortable with the person or organisation holding it.
When you are asked to provide your personal information, you should ask yourself what you’re getting in return. The organisation may use the data to improve your user experience, but make sure you know who will have access to the information you share? You should also check whether a third party could access the data for a purpose you would not be so happy with.
A useful tip is to review the privacy and security settings on the websites you use. Also check privacy settings on your browser. Each website or browser may have different features to limit how personal data will be used and who it will be shared with.
We strongly recommend securing your data by creating unique passwords and storing them in a password manager. This greatly reduces the risk of cyber criminals guessing your passwords but means you don’t have the burden of having to remember multiple complex passwords. You should also use multi factor authentication if it’s available.
Data Protection at Work
A Data Protection Day Event is a great way to drive public awareness of the risks related to sharing personal data, although for organisations these risks must be addressed more than once a year so an event, should you hold one, must be part of a running program of activities.
Data Protection should be embedded within your core business policies. The introduction of the GDPR (General Data Protection Regulation) and its UK equivalent has greatly increased the burden on organisations to manage people’s personal data responsibly, and it gives supervisory authorities (ICO in the UK) the power to impose significant fines for anyone that fails to meet the legal requirements.
Security for Data Protection
It’s important to note that data protection isn’t only about regulatory compliance. A robust Information Security Management System (ISMS) can do much to tackle the ever increasing threat of data breaches and cyber attacks. A UK government study found that 38% of small business were targeted by criminal hackers last year. That’s not insignificant.
Help with Security and Data Protection
If your organisation would like assistance help securing personal information and creating strong security and data protection policies, please feel free to contact us https://krypsys.com/contact-us/
Happy Data Protection Day 2023!