Top Tips for Data Protection
Virtually all businesses generate &/or collect data.
Protecting employee and customer information is a top priority for all businesses especially with an increase in remote work, digitisation and cyber security threats.
Virtually all businesses generate &/or collect data.
Protecting employee and customer information is a top priority for all businesses especially with an increase in remote work, digitisation and cyber security threats. Unauthorised data access can have serious consequences for your business.
What is personal information?
Personal information is any information where you can identify an individual.
For example:-
- name
- signature
- address, email, telephone number, date of birth
- medical records
- bank details
- photos and videos
- IP address
- opinions which can be used to identify them
Top Tips on how to protect personal information
1. Understand the risks. Identify what personal information is being collected and where it is being stored. Remember data can be collected and stored on phones and laptops, as well as your centralised computer system.
2. Have a centralised monitoring system. A central system will allow you to monitor your servers and databases, track any hack or data breach in your network of devices, and supply backup power to servers in case of power outages or maintenance.
3. Update all computers, networks and printers with the latest technologies and software. Install security antivirus software on your computers and mobile devices that is updated regularly. Even consider a firewall in place to screen incoming and outgoing traffic.
4. Secure your WIFI network and passwords. You should change the password to your WIFI network every 3 months. Making sure that any password is long – with symbols, numbers and capital letters. You might also implement multi-factor authentication at critical points. If operating out of an office, use your own WIFI network, not a public or sharing one.
5. A data protection officer – make sure someone is responsible for your data protection and keeping all relevant software up-to-date.
6. Educate your staff. Make sure all employees are well aware of password security, spotting email scams, cybersecurity threats, reporting data breaches and taking care of physical devices.
7. Privacy policy. This policy needs to outline information on collection and storage of personal data, what you use it for and how you protect it. It's a good idea to make this available on your website.
Summary
Specific data protection regulations differ from country to country, so make sure you are aware of any country specific rules. New cyber threats appear all the time, so it is imperative to keep up-to-date and revisit your data protection policies and procedures on a regular basis.
Most small businesses are not covered by the Privacy Act 1988 (Privacy Act), but some are. Click here to check and understand your business obligations.