Protect Your Customers' Privacy

Protecting Privacy

In the days of identity theft and the Patriot Act, consumers are wary of giving out personal information. How are you making sure your customers know you’ll protect them?

By Rachel Friedman

Privacy – it’s getting tougher to maintain, especially with identity theft on the rise. With this in mind, Americans are demanding that the companies they work with take extra care with their personal information. Sixty percent of Americans have decided not to support a store because of doubts about that store’s privacy protections, according to a Harris Poll sponsored by Microsoft. What is surprising is that it isn’t just marketers that are trying to access personal information. Even the government has drafted private industry for “data collection duty.”

So how can businesses keep customers’ personal information under wraps when the U.S. Patriot Act allows the government to collect whatever information it likes? Jacqueline Klosek, an attorney and author of The War on Privacy (Praegar, 2006), advises clients on issues related to data privacy and security. Klosek believes private industry faces a precarious balance, trying to simultaneously maintain consumer privacy while also complying with governmental demands for information. “This issue is not going to just disappear,” Klosek says. “The war on terror has reduced privacy rights in the United States and around the world. The bottom line is, whether the feds are leaning on your company for records or you’ve suffered a security breach by hackers, your reputation is at stake and you’ve lost your customers’ trust.”

Klosek routinely advises businesses to follow all privacy measures required by law, and she offers these tactics for protecting your customers:

1. Conduct an internal audit. Before you can inform your consumers about your privacy policies and practices, you must first understand what they are. Consider conducting an internal audit to determine and evaluate what data you’re collecting, how you’re using it, with whom you are sharing the information and how that data is being protected. Having all this information in one place will help you create policies.

2. Develop a privacy policy. Once the company’s plans for collecting and using customer information are clarified, communicate this to your customers by posting a privacy policy. Consider consulting your attorney to make sure your policy follows all established laws and guidelines.

3. Be as broad as possible with your policy. This will give your company greater latitude if you are forced by the government to hand over data or are faced with other potentially unanticipated events such as corporate restructuring, mergers and acquisitions.

4. Seek prior consent from your consumers or clients about potential personal data transfers that could be subpoenaed by the government or handed over to business partners and service providers.

5. Conduct due diligence when outsourcing. Examine the third-party service provider’s experience with privacy and data security. Investigate any privacy complaints the service provider has faced, and make sure you’re complying with all U.S. and foreign laws when outsourcing.

6. Protect your website. Consider implementing a Web monitoring program that automatically runs privacy scans to ensure that the site hasn’t been compromised and that privacy measures remain intact.

Share this Article