Privacy Rules. Or Does It?

Bryan Minami our consultant managing the role
Posting date: 7/25/2019 3:01 PM
Privacy and transparency are two sides of the same coin. With the amount of Data we give and companies consume, we want to know our personal information is safe. We want to know we are safe from illegal use of our information. But as conversations about FaceApp, Facebook, Cambridge Analytica, and Google privacy issues make the rounds again, we now know to be much more cautious. Companies would be wise to follow.

States Take the Reins to Enact Privacy Rules


Though the General Data Protection Regulation (GDPR) passed last year in Europe, businesses in the U.S. have not been so constrained. While there is no overarching federal law, states have taken steps to protect the privacy of their residents and have passed their own Data protection laws. Though all 50 states have enacted notification laws to inform consumers if personal information has been compromised, only California and Vermont have instituted laws requiring businesses to make real change in their Data operations.

Other states, from Oregon to Virginia have expanded their definitions of identifying information and increased fines to $500,000 for breaches of privacy. These more stringent rules affect such information as that from Electronic Health Records to tax preparers. And when it comes to Data disposal, companies are required to shred or modify in some way any personal information before tossing it away. Student information is particularly protected in Iowa, in which online efforts against selling their information or otherwise siphoning from online profiles are expressly forbidden by state law. 

These are just a few of the rules in place and vary slightly from state to state. So, how can you ensure you’re in compliance?

Some Tips to Ensure You’re in Compliance


If you need to create or amend your Data Management program, here are a few tips to consider:

  • Conduct a gap assessment. What existing procedures are in place which may need to be revised?
  • Ensure your legal teams work closely with your IT, business, and marketing teams to monitor changes and reassess your company’s mitigation controls. How effective are those controls within this legal landscape?
  • Ensure the consumer Data you’re collecting is “critical” to the company.
  • Create a process to receive, review, and fulfil customer requests. But also consider how you handle their information should a customer wish to opt out.
  • Train employees on how to handle personal information. Create and maintain procedures on policy changes and best practices for your Data protection policies.

A final note on the above tips, though each state has their own laws, it’s important to consider Golden Rule when it comes to privacy; how would you want your personal information handled?

Data is a Commodity. Trust is Valued. 


Broken promises have tarnished trust in companies. According to a recent survey by SAP, nearly 70% of customers said they don’t trust brands with their personal information. So as companies strive to offer the best customer experience, remember it’s more than flashing lights and deep discounts. 

Customers want to know their personal Data is safe. So how you ensure this is the case and maintain your customer’s trust? Be transparent. Collect customer information with clear intentions and keep your customers informed of changes to policies. 

Legal verbiage in policies are to protect companies. It’s time to rethink this strategy and enact policies to protect customers. Though their wariness is warranted, consider how not being transparent and protecting your own business has been detrimental to the customer experience. By being proactive in Data policy compliance laws, you let customers know you’re putting their needs first. That builds trust and loyalty to your business. Isn’t that what every business strives to attain? Even the tech companies realize its import and impact.

Earlier this year, tech companies laid out what they’d like to see in federal Data privacy laws. The key takeaway? One set of rules for all is preferred over the slightly differing state laws.

If you’re interested in Big Data and Analytics, we may have a role for you. Check out our current vacancies or get in touch with one of our expert consultants to learn more.

For our West Coast Team, call (415) 614 - 4999 or send an email to sanfraninfo@harnham.com

For our Mid-West and East Coast Teams, call (212) 796 - 6070 or send an email to newyorkinfo@harnham.com.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out our recent posts below.