|Dave Pelland has extensive experience covering the business use of technology, networking and communications tools by companies of all sizes. Dave's editorial and corporate experience includes more than 10 years editing an electronic technology and communications industry newsletter for a global professional services firm.|
Major regulatory initiatives are promoting companies of all sizes to update their privacy policies and providing opportunities for businesses to increase customer trust with a strong commitment to protecting their data and privacy.
Two major regulations are shifting the privacy practices of companies worldwide. The European Union’s General Data Protection Regulation (GDPR), which took effect in mid-2018, and the California Consumer Privacy Act, which takes effect in 2020, both require companies to take a number of measures to increase privacy-related protections and disclosures.
GDPR, for instance, requires companies (of any size or location) that do business in Europe to:
While the law applies directly to companies that interact with European consumers, the global nature of online business means U.S.-based companies, especially leading tech companies, have adjusted their data and privacy practices to comply with the regulation’s requirements. These changes are likely to become expected practices among consumers, regardless of the size or location of the company they’re dealing with.
Similarly, California’s data law requires companies to disclose the personal data they collect; provide an option to opt out of that data being shared with third parties; and to delete personal data upon request.
California’s size and the number of tech companies based there means the state’s data requirements are likely to be adopted in other locations, just as California’s data breach notification law was essentially duplicated by the rest of the country.
An Effective Policy
If you share information with other companies, such as cloud service providers, you need to explain what you’re sharing and why. This may include your customer relationship management software provider, email service provider, and other business partners.
You also want to strike a balance between your policy’s need to establish legal protections with using clear language that customers will understand.
There are a number of sample privacy policies online that can provide an effective starting point for your company’s policy, but it’s also a good idea to customize your policy to fit your business’ needs. A review by your legal professional is a prudent step that can help you avoid problems later.
Some privacy-related steps you’ll want to take or review include:
It’s also helpful to regard privacy protection as an opportunity, not just a compliance hassle. With data protection receiving so much attention, consumers are more likely to trust companies that can demonstrate a clear commitment to protecting their data and using it responsibly.
Read other technology articles.
Copyright © 2005-2018 Small Business Resources. www.sbresources.com. All rights reserved.