People care what happens to their data and, research shows, businesses and organisations that treat people’s data with the respect and integrity it deserves, outperform those that don’t.
So how can small businesses do better when it comes to privacy and benefit from the enhanced performance this brings? And why does being ‘privacy-centric’ or privacy-first make a difference?
We’ll look at why privacy matters to people and an approach businesses can take.
Respect for personal data
People prefer to deal with businesses and organisations that respect their personal data and are open and transparent about exactly the type of data they collect, why they collect it and how long they keep it.
It turns out that, generally, people don’t mind sharing their data and having it collected by a business if there is a sensible, clear reason for doing so.
Privacy pushes performance
The numbers are far from marginal when it comes to the difference in performance of a company that do and don’t take privacy seriously. Privacy-centric companies are seen to have between a 20% to 30% lower cost per acquisition.
Experts advocate promoting a privacy-first culture and a proactive, rather than reactive approach when it comes to personal data. Putting in the minimum legal requirements rather than building processes with privacy embedded is not recommended.
Larger organisations may have a dedicated ‘ethics board’ where legal, IT and privacy specialists discuss issues and processes. They may also have ‘privacy ambassadors’ within their organisation who meet regularly and have responsibility for ensuring workforces and employees are accountable.
Every employee deals with data
The issue of accountability is significant. Every employee from warehousing, to payroll, to customer service and IT deal in one way or another with personal data of some sort. A culture that promotes responsibility for this data and its integrity of use increases accountability right down to an individual level.
Not only will this accountability come through in the communications of the business, but in how employees deal with customers, stakeholders and colleagues alike.
What small businesses can do to improve privacy
Be critical about your business when it comes to privacy. Ask yourself, are you being open and transparent with customers about the data you collect, why and how long you keep it?
Do you even have a privacy notice?
It’s vital, first and foremost for businesses to have a clear privacy notice. You don’t need a legal expert for this, necessarily.
The Information Commissioner’s Office (ICO) have a privacy notice template you can use to make your own privacy notice, along with useful advice and information.
The ICO even have a lawful basis checker for businesses, including sole traders, to check their legal requirements when it comes to data and privacy.
Keeping data safe and secure
The data you hold needs to be secure and protected. Backups must be done regularly. Devices, networks and Wi-Fi connections should be secure. And staff should be trained in spotting suspicious emails. Passwords must be strong, and access controlled throughout your organisation to the systems and devices you use.
There’s a lot a business can do, IT-wise, when it comes to data security, which Cultrix is a specialist in. It’s not enough just to install antivirus and think that’s it. Being proactive about privacy, means being proactive about IT security and your IT provider should be able to help you put the necessary measures in place.
It is the law that you keep data safe and there are many resources and advice online for businesses to consult, as well as speaking to your friendly, approachable IT expert – us!
The National Cyber Security Centre has a wealth of advice for businesses as well as information on the risks presented.
Save money and operate more efficiently
By being smart, secure and efficient in your use and storage of data, you’ll become more profitable. Keeping the minimum data, in an organised way, governed by secure processes, mean you’ll find and use the data you need quicker, saving on storage costs and becoming more compliant.
Some contracts demand data security measures that you’ll be able to demonstrate, and benefit from these extra business opportunities.
Have contingency measures in place
Do you and your staff know what to do if something goes wrong and there’s a security breach? Your ongoing business continuity is critical so if you don’t have contingency measures in place, it’s advisable to do so.
Again, IT is a crucial part of your business continuity, as well as staff training so that there is awareness and familiarity by staff of the process to follow should there be a data security threat.
Privacy is everyone’s business
We always say that IT security is everyone’s business, and everyone is accountable and responsible for their interaction with systems and information. In the same way, the privacy of personal data is everyone’s business. From the CEO to every single employee, caring about personal data can be reflected in the processes and procedures you implement and in the way you care for customers and do business.
Are you worried about data privacy, and how your business meets legal requirements? Get in touch and we can help you get the right ‘privacy-centric’ measures in place.
< Read more articles on our Web Academy
Providing digital help and support – what to consider
Do you want to offer your customers digital help and support they can access online? It’s not as simple as just removing the phoneline. Here’s what to consider.
Websites - don’t just build and leave
Nothing says ‘apathy’ like a website built then just left. Here’s why you need to keep your website up to date and checklist of eight things to do to stay current.