This piece was written for Launchpad2X by Jodi Daniels, CEO & Privacy Consultant of Red Clover Advisors and 2019 Core Program Graduate.
Business owners manage a myriad of responsibilities – people, sales, marketing, customer service, and also protecting customer data. Privacy is a hot topic these days for good reason. More than 60% of small businesses will be the victim of a cyberattack and data breach. During COVID, phishing attacks are up 350% and with the shift to virtual everything and remote work, it’s a prime target for cyber hackers.
Additionally, there are privacy laws in place companies need to adhere to. Namely, the General Data Protection Regulation, GDPR, which is the EU data privacy law that made sweeping headlines in May 2018. The newcomer on the block is the California Consumer Privacy Act, CCPA, which became effective January 1, 2020 and enforceable July 1, 2020. Both of these laws push companies to increased transparency about what they are doing with their data as well as offering individuals choices about how their data is processed. To achieve that, each law has a series of requirements companies need to adhere to.
Where should a busy CEO start? The first step to achieving privacy compliance is by understanding the data in a company. This means knowing all the personal data that is collected, used, stored, and shared. What vendors are used? How long is it kept? Who has access to it? What did we tell the customer we were doing with this data?
Once there is a solid understanding of the personal data the company is responsible for, a privacy notice that is compliant with CCPA and GDPR can be created as well as creating a playbook that will help the company manage individual rights requests it gets. With this knowledge, a company can also make sure personal data is appropriately secured, contracts are in place with vendors, employees are trained and the many other privacy law obligations.
Complying with these laws is the foundation to a privacy program and creating trust with customers. There will be new laws, marketing tactics change, vendors come and go, new products and services are launched and privacy needs to be considered each step of the way.
Customers buy products and services from companies they trust. They believe it will be a great product or experience. Customers also expect that the company will protect their data and use it in a way that doesn’t surprise them. Privacy compliance isn’t only a requirement with the law. Privacy is becoming a core feature of will be how we earn and maintain our customer relationships.
Learn more about Red Clover Advisors on their website: https://redcloveradvisors.com/company/