Ask These Five Questions to Protect Your Data

Sometimes it feels like every time you turn on the news, you hear about a new data breach. Consumers are concerned about their privacy and the threat of identity theft, but are often confused about how to protect themselves – especially when businesses collect their personal data on a daily basis. Data Privacy Day, celebrated on Jan. 28, is an international effort “to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.”

BBB Accredited Businesses are committed to BBB’s Standards for Trust, which includes “Build Trust”, “Safeguard Privacy”, “Be Transparent”, and more. However, not all businesses are. That’s why it’s important for you to take the protection of your privacy into your own hands, and make sure that you can trust businesses that receive your data.

Protecting your data is key to identity theft prevention. The Federal Trade Commission (FTC) received around 400,000 complaints about identity theft in 2016 – it was the third most common complaint.

BBB encourages consumers to find out the answer to the following questions before dealing with a business, or entering information on a website:

  1. Does the website have a privacy policy? The California Online Privacy Protection Act (CalOPPA) requires any commercial website or online service that “collects personally identifiable information through the Internet about individual consumers residing in California” to “conspicuously post its privacy policy on its website”. The policy must include what information is being collected and who it is shared with, along with other disclosures. Make sure any website that may be collecting your information has a privacy policy – and read it! Consider it a major red flag if there’s not a posted privacy policy.
  2. How is your data being protected? Every business should have a data protection plan, and be open and transparent about it to their customers. A data protection strategy should detail: how data is stored; the security of the storage system; and how data is backed up, recovered and moved. If you aren’t convinced by a business’ data protection or they aren’t transparent about it, don’t feel pressured to continue with the interaction. BBB has resources to help businesses protect customer data – check out the 5 Steps to Better Business Cybersecurity.
  3. What is being collected and shared? A website’s privacy policy should be clear about what data is being collected and shared. If you are dealing with a company offline, you’ll know what data you’re supplying them with. However, it’s important to know if your data is being shared with vendors or partners, or if it’s being sold. Even if the original business is committed to protecting your privacy, their vendors may not be. After figuring out which entities your data is shared with, determine the security practices of those businesses as well.
  4. Is the business PCI compliant? The PCI Security Standards aim to protect financial information and cardholder data. The Standards maintain that “payment security is required for all entities that store, process or transmit cardholder data”. Make sure that any business you supply financial information to is PCI complaint. If you’re a business that would like to become compliant, BBB has resources that can help you do so.
  5. What will be done if your data is stolen? As of Dec 27, 2017, the Identity Theft Resource Center (ITRC), a BBB Accredited Charity, identified more than 1,300 breaches that exposed over 174 million records. The number of records exposed increased by around 380% from 2016: ITRC’s 2016 Data Breach Report included more than 1,000 breaches that exposed more than 36 million records. Every business should have a plan to prevent data breaches. Additionally, the business should have a plan detailing what they will do if a data breach does occur. What measures do they have in place to detect a breach? If a breach is detected, what’s their communication plan for notifying customers? Will they attempt to investigate the breach and mitigate the damage? If you’re concerned that your personal information has been compromised by a data breach, you can find tips and suggestions at org/breach.

Rebecca is the Communications Supervisor for BBB serving the San Francisco Bay Area and Northern Coastal California. She works to advance BBB’s vision of an ethical marketplace where buyers and sellers can trust each other. She does this by developing content such as blog posts, press releases, newspaper columns, and PSAs to educate businesses and consumers. Rebecca also represents BBB at community events.

Tagged with: , , , , , , , , , , , , , , , , , , ,
Posted in Business Tips, Computers - Internet - Privacy, Consumer Tips, Credit - Mortgage - Payments

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: