Protect Your Customers with this Data Privacy Checklist

September 5, 2019 Jerry Vasquez

Protect Your Customers with the Data Privacy Checklist

In today’s climate, it is essential that your organization understand how to manage private data. Ignorance is no excuse, and even a single misstep could land you in hot water with regulatory agencies, media organizations, and your own clients.

Use the following checklist to ensure that the protections you have in place are sufficient – and in the event that they are not, make you aware of what needs to change.

Customer Disclosures

I have drafted and published a privacy statement that is easy to read and understand for consumers. Within it….

  • I have defined customer data clearly and concisely
  • I am transparent about the personal information my business collects from consumers.
  • I am transparent about how that information is used – ie. disclosure to third parties, secondary uses of personal data, etc.
  • I have established defined rules regarding…
    1. How data is collected
    2. How data is used and disclosed
    3. How long data is retained
    4. How employees are advised and educated on data retention and protection
Need help securing your entire infrastructure? Download The Security Infrastructure Checklist for SMBs.

Business Processes

  • I know what data my business is responsible for
  • My employees understand my business’ data protection guidelines.
  • If a consumer does not wish for my business to store or manage their data, there are procedures through which they can take ownership/remove it from my servers.
  • I know which employees have access to that data.
  • I have ensured that these are solely employees that need to have access.
  • Where required, I have registered with the Data Protection Commissioner.
  • The employees responsible for these data sets have been briefed on said provisions.
  • Data is regularly checked for accuracy, and time-sensitive data is regularly evaluated.
  • Data protection policies are regularly reviewed and re-examined.
  • Where relevant, I am fully-compliant with regulations such as:
    1. HIPAA
    2. FISMA
    3. PCI
    4. NERC
    5. PSQIA
    6. PIPED
    7. GDPR
    8. SOX
    9. GLB
    10. C-TPAT
  • My employees are fully-educated on protecting private data – both their own and the data managed by my business.
  • My business is an open, public advocate for user privacy rights
  • My business is transparent about government requests for user data.

data privacy checklist

Technology Precautions

  • I know where data is stored and how it is secured.
  • There is a defined set of security provisions in place for each set of data.
  • All computers and databases where sensitive data is stored are…
    1. Access-controlled
    2. Password-protected
    3. Encrypted
  • I have taken measures to secure my corporate network, such as…
    1. SSLs (Liquid Web offers SSL options for encrypting your transactions online.)
    2. Firewalls
    3. Strong Authentication
    4. Secure VPN
    5. Management/control of corporate devices (ie. smartphones, laptops, tablets)

Getting Data Privacy Under Control

It is a long checklist, is it not? All the same, it is one that you should mark off in its entirety if you truly wish to say your organization is serious about data privacy. Completing this list will help you foster trust with your customers while avoiding trouble with regulatory agencies. For those with HIPAA compliance requirements, we have the resources for your success.

Get the complete Security Infrastructure Checklist for SMBs

eBook - SMB Security Checklist

About the Author

Jerry Vasquez

A self-professed pirate captain with two decades of leadership experience, Jerry has led teams from 60+ cooks and chefs to 16 networking engineers. He brings those years of experience to his current role as Product Manager at Liquid Web, focusing on networking and security products. When not working or sleeping, Jerry can usually be found eating and having a good conversation with good people.

More Content by Jerry Vasquez
Previous eBook
“Great advice on any question we’ve ever had” - Weigh Less Case Study
“Great advice on any question we’ve ever had” - Weigh Less Case Study

With a 35% increased traffic rate to Weigh Less's site during the holidays, secure fast servers were a must...

Next Article
Quick Guide to Best Practice for Data Backup
Quick Guide to Best Practice for Data Backup

The only way to fully protect yourself is to regularly backup your data so you can fully recover in the eve...

Secure Your Infrastructure With This List

Get Checklist