Skip Navigation
Today is Data Privacy Day!
January 28, 2021 Gabriela R. Smith-Sherman, Chief Information Security Officer
Tagged: Risk Protection

In today’s climate, many of us are teleworking on a daily basis, with an increasing number of threats targeting sensitive Personally Identifiable Information (PII). We must consider how to best safeguard our data in the digital world from our homes and offices. While these concerns existed before the pandemic, the threat landscape has expanded, requiring hyper vigilance in protecting our data. Following policies, procedures, and best practices is paramount for the protection of our PII in today’s new norm. It is also important to know how to protect your personal information, as well as your family’s information, both at home and online.

Data Privacy Day helps spread awareness about privacy and educates citizens on how to secure their personal information. It also works to encourage businesses to be more transparent about how they collect, store and use data. Below are some privacy tips to increase your awareness about the importance of protecting sensitive PII, to help you Own Your Privacy!

5 Tips for Individuals

  1. Personal info is like money: value it!
    Personal information, such as your purchase history, IP address, or location, has tremendous value to business—
    just like money. Make informed decisions about whether or not to share your data with certain businesses by considering the amount of personal information they are asking for, and weighing it against the benefits you may receive in return.
  2. Manage your privacy settings.
    Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application, or browser you use will have different features to limit how and with whom you share information.
  3. Keep tabs on your apps.
    Many apps ask for access to personal information such as your geographic location, contacts list and photo album, before you can user their services. Be thoughtful about who gets that information, and wary of apps that require access to information that is not require or relevant for the services they are offering. Delete unused apps on your internet-connect devices and keep others secure by performing updates.
  4. Be careful and vigilant.
    Follow safety rules when using your devices, such as: be sure operating system and application updates on your computer are occurring on a regular basis. Do not access workplace data on mobile devices unless authorized and necessary. Always turn off Bluetooth when it is not needed. Never click suspicious links in emails or text messages. Use caution when opening email attachments, especially password-protected zip files. Use unique passwords for each online account.

  5. Don't forget physical security!

    Help ensure your location's security by monitoring the environment and reporting any breaches of policy, data protection, or security. When you’re away from your computer, lock away sensitive information in your desk or filing cabinet, and use a password-protected screensaver.

5 Tips for Businesses

  1. If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access.
  2. Consider adopting a privacy framework. Build privacy into your business by researching and adopting a privacy framework to help you manage risk and create a culture of privacy in your organization.
  3. Conduct an assessment of your data collection practices. Understand which privacy laws and regulations apply to your business.
  4. Transparency builds trust. Be open and honest about how you collect, use, and share consumers’ personal information.
  5. Maintain oversight of partners and vendors. If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.
EXIM’s Blog postings are intended to highlight various facets of exporting, but the postings are not legal advice, and are not intended to summarize all legal requirements associated with exporting.