What is Data Privacy Day? Why Does it Matter?

Image

Take Note: It’s Data Privacy Day!

Every January 28^th, countries around the world recognize Data Privacy Day (Data Protection Day in Europe). So, let’s raise a glass, have some cake, and refresh our knowledge of the best practices to keep sensitive data away from prying eyes.

Why Was Data Privacy Day Started?

The 2007 origins of Data Privacy Day focused on protecting personal information with social networking sites as the primary target. Over time, the awareness campaign grew to promote the use of technology for individuals, consumers, and businesses on how to best protect and control personally identifiable information (PII), comply with privacy laws and regulations, and support those institutions, businesses, and educators in wide-ranging efforts to protect personal data.

What started in 2007 has expanded and grown into a more all-encompassing educational effort to protect the information we all hold dear today.

Why Does Data Privacy Matter?

The more consumers rely on digital technology, the more personal data they give away. While that is a boon to organizations who gain tremendous knowledge from this information, it also poses risks both to the consumers and to the companies who have it in their possession.

Organizations can certainly benefit by gaining a better understanding of their customers and can make strategic decisions based on this information. However, with great power comes great responsibility – responsibility for protecting the information entrusted to them.

Mismanage this personal information and you will unfortunately feel the costs. The rise in cybercrime and staggering financial and reputational impact of data breaches has spurred a demand for privacy and control of personal data.

Related Resource: Think Like a Hacker eBook

What Can a Data Privacy Breach Cost?

According to an IBM study, the average cost of a data breach was recently estimated at $3.92 million, with highly targeted industries like finance, healthcare, and retail potentially paying even more! So, how do these costs break down? Here are just a few line items:

• Payments to impacted individuals, including compensation and assistance in the form of credit checks and the staffing of dedicated help lines
• Investigating the data breach and implementing measures to prevent a recurrence
• Ransom payments to regain any stolen data
• Investing in new ways to safeguard your data
• Loss of current and potential future customers
• Payment of any applicable regulatory fines and penalties

According to Risk Based Security, over 36 billion records were exposed by the end of Q3 2020 alone. As a result of breaches over the years, governments have adopted regulations such as:

• The global Payment Card Industry Data Security Standard (PCI DSS)
• The General Data Protection Regulation (GDPR) in Europe
• Australia’s Consumer Data Right (CDR)
• The United States’ Health Insurance Portability and Accountability Act (HIPAA)
• Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
• Singapore’s Personal Data Protection Act (PDPA)
• And even state-specific California's Consumer Privacy Act (CCPA)

Undoubtedly, more regulations are on the way.

Boost Data Privacy to Increase Trust

With widely publicized stories of cybercrime, data breaches and hacks, consumers are increasingly wary of providing personal data to the organizations with which they do business. To maintain a competitive advantage, businesses need to amp up their awareness of this hesitancy and take the proactive steps needed to secure trust in their data management practices.

According to a survey by McKinsey & Company that asked respondents to rank the most trusted industries in protecting privacy and data, they found these disappointing levels of trust by consumers:

• Healthcare and financial services – 44 percent
• Pharmaceuticals/medical – 22 percent
• Retail – 18 percent
• Technology – 17 percent
• Public sector and government – 11 percent
• Media and entertainment – 10 percent

Note, not a single industry even reached the half-way mark for the trust factor. Therefore, organizations that put a strong emphasis on ensuring information privacy can potentially gain a competitive edge.

Enhance Your Data Privacy Security

First, take some time to do a thorough review of the tools, applications, and processes your organization currently uses to ensure the personal information you use and handle is truly kept private. Ensuring that your organization’s data security is a budget and resource priority for the C-level can go a long way to mitigating risks. This basic, overarching step, taken regularly, can help you maintain a high level of awareness throughout your organization that can pay off in terms of the trust your customers and third parties have in you.

Related Resource: 6 Ways to Get Buy-in For Your MFT Solution

5 Actions to Boost Data Privacy

1. Encrypt Your Data at Rest and in Motion

Which encryption protocol you choose depends on a few factors, including you and your trading partners’ requirements:

• How sensitive is the data being exchanged?
• How will the data be transported (for example, FTP, email, HTTP)?
• Are large files being exchanged (which should be compressed)?
• Should the files be encrypted (before transmission) or should the connection be encrypted?
• What encryption standards does your trading partner support?

2. Educate and Equip Your Organization to Secure Data Privacy

Human error accounts for a large percentage of breaches. And with the proliferation of staff now working remotely, reducing the risk of human error is more important than ever. Solutions incorporating automation, such as automatic workflows, can help mitigate some risk.

Related Reading: How a Remote Workforce Impacts Your Data Security

3. Automate to Reduce Human Error Risk

By eliminating manual intervention in your file transfers of data, secure solutions, such as GoAnywhere Managed File Transfer, utilize automatic workflows. With workflow projects you can define the file transfers and business processes you want to perform to be executed as a seamless, end-to-end workflow.

4. Authenticate Your Users

With the proliferation of remote workers, ensuring account access is protected is paramount. Multi-factor authentication software can add the extra authentication level needed.

And of course, educating your organization’s users on strong password security is a must. Recommendations include not using the same password for all accounts, mixing up passwords with a combination of letters, numbers, symbols, and casing and increasing the required length of passwords (make it at least more than six characters).

Related Resource: Are SSH Keys or Passwords Better for SFTP Authentication?

5. Transfer Data Securely

One of the biggest risks to cybersecurity happens when transferring files to a third party. In honor of Data Privacy Day, ensure the files you’re transferring are both secure and encrypted. How? By using secure, managed file transfer (MFT) software, like GoAnywhere MFT.

GoAnywhere protects files both while at rest and in motion, preventing access by unauthorized users or cybercriminals via strong encryption and automated security features. Its user-friendly dashboard makes adhering to data security protocols easier. When an application is easy to use, it’s much more like to actually be used. GoAnywhere allows for the easy collaboration organizations need and the integration with your existing applications that provides for better ROI.

Related Resources: ROI of MFT Calculator

Data Security is a Layered Effort

To check out how adding managed file transfer to your organization can sweeten your data security we offer both trials and demonstrations. See for yourself how GoAnywhere can sweeten your data security position with a demonstration today. You can also check out our white paper on defending against data breaches.

Download Defending Against a Data Breach