The National Cybersecurity Alliance has designated Data Privacy Week 2023 to be January 22-28. Fortalice Solutions has partnered with the National Cybersecurity Alliance as a Data Privacy Champion. With the overall goal of increased awareness about online privacy among individuals and organizations, one goal of Data Privacy Week is to help organizations understand why it is important that they respect the data of their users, employees and suppliers.
Also known as information privacy, it is a branch of cybersecurity involving data security to properly handle the collection, storage, dissemination and destruction of information contained within an organization and shared with any partners or third parties.
Currently there are U.S. federal and state laws and regulations regarding data privacy and protection in many industries. The Health Insurance Portability and Accountability Act (HIPAA) is an example designed to protect patient information in health care and health insurance. Another example in finance, is the Gramm-Leach-Bliley Act (GLBA) to protect nonpublic personal information such as income, credit rating, and financial services.
The first step to ensuring your organization follows laws and regulations, and is up-to-date on all mandates, is to assess your data collection practices. Ensure you have documented procedures on what data is collected and how it is managed. This includes understanding the data flow and ensuring appropriate controls exist around where data is stored and how it can be accessed or distributed.
Generate and follow security measures to keep individual personal information safe from unauthorized access. Doing so includes processes used within your organization and oversight of actions taken by your partners and vendors.
Ensure the terms of service and privacy agreements for your organization are easily accessible and available for review. Then verify the actions taken by employees follow the agreement and have documented procedures to guide those actions.
Data Privacy Week is the perfect time to share privacy protection information with your employees. Share current best practices and use this week as an opportunity to educate your employees about data privacy.
Fortalice can work with your organization to understand the recommendations and control requirements that are best for your organization and industry. Adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business processes. Fortalice recommends using these Privacy Frameworks:
For additional information on Fortalice Solutions's service offerings, contact Fortalice Solutions via email at firstname.lastname@example.org.
Fortalice Solutions has partnered as a Data Privacy Champion. With the goal of increased awareness about online privacy among individuals and organizations, one goal of Data Privacy Week is to help organizations understand why it is important that they respect the data of their users, employees and suppliers.
T-Mobile announced on January 19 that it was reviewing a November 2022 data breach, potentially impacting 37 million accounts through one of its APIs. This advisory is intended to help our clients understand the urgent need to understand and review their API security, while also summarizing recent T-Mobile breaches.