The Importance of Online Security and Data Privacy in 2019
In today’s digital age, the topic of online security and privacy has become increasingly prevalent. User data is more open and accessible than ever and, consequently, consumers may be wary when trusting companies with abundant amounts of confidential data. Now more than ever, it is important to consider the ways in which our personal data is managed online, and how that data is managed by the companies we trust.
The Current State of Data Privacy
It is no secret that today’s world is rapidly advancing technologically. With vast amounts of growth online, personal information has become more vulnerable than ever. This past January 28th, the world celebrated “Data Privacy Day.” You may be asking yourself, “Do we really need a ‘Data Privacy’ holiday?” Well, many professionals believe we do. Colin Truran, principal technology strategist for Quest, told Forbes that Data Protection Day may not only serve as a day to increase awareness about the importance of online security, but also an event that can hold businesses accountable for their handling of consumer data. Until stricter regulations are put into effect, it is important to hold companies at a high standard when it comes to consumer protection.
As of last year, the General Data Protection Regulation (GDPR) went into effect. This progressive regulation enforces data protection laws across all 28 EU countries as well as new, stricter rules regarding personal identifiable information (PII). GDPR also enhances consumer protection by focusing on data protection rights including breach notification, right to access, right to be forgotten, etc. When it comes to organizations managing EU residents’ personal data, compliance is required. Any applicable organization who proves to be non-compliant can expect a large fine (€20 million or 4% of the company’s total global revenue, to be exact). Many companies have already had to pay the price for being non-compliant.
On the very first day of the GDPR enforcement, Facebook and Google had been hit with a stack of lawsuits regarding their data collection practices. Google has been fined roughly $57 million USD for failing to provide enough data usage information to its users. As for Facebook, the company has made attempts to improve their practices, resulting in an ongoing legal battle. Although both companies have enforced new policies to ensure compliance, many argue that their methods still aren’t completely transparent to consumers.
Recently, there have been attempts to improve data privacy within the United States. The California Consumer Privacy Act (CCPA), passed in June of 2018, aimed to uphold consumer rights over personal data and is expected to go into effect in January of 2020. This motion itself (and other individual state motions) may invoke the establishment of a national privacy law in the United States. Although the future looks bright for a national data privacy movement, we still have a long way to go in regard to keeping our data safe online.
What Can Organizations Do?
According to Forbes’ Ameesh Divatia, companies must begin to shift from simple ‘compliance’ to ‘concern and care.’ This philosophy is meant to go above and beyond by taking the time and care to assure that customer data is safe and protected. For Forbes, Colin Truran states that organizations should make an effort to be utterly transparent and open about what happens with the data they are entrusted with. It goes without saying that businesses have a great responsibility to manage confidential data; however, consumers are also responsible for holding companies to these standards when it comes to the safety of their personal information.
As a software company, we at OptimumHQ believe it is our duty to protect and securely store every client’s personal data. We understand modern-day concerns regarding data collection and storage, and we will continue to maintain the utmost safety and security on our platform. That’s why we are HIPPA and SOC 2 compliant, as well as transparent about our policies and practices regarding the management of personal information.