Digital Privacy Laws

With the implementation of the EU’s General Data Protection Regulation (GDPR) in 2018 and the upcoming California Consumer Privacy Act (CCPA) in 2020, businesses are required to more diligent in how they collect and protect personal information obtained online. As more states consider passing privacy legislation, there is now a push for harmonized federal privacy law.

What does this mean for your business?

These laws are designed to give individuals greater control over their personal information.
Here are a few ways to start meeting these laws in your business.

1. Identify and Document the data you already hold
Understand your current process for collecting data and how it's safely stored.

2. Ensure your site holds an SSL certificate and that your site uses the HTTPS protocol.
This is especially important if you collect payments online.

3. Privacy Policy on your Website
In a concise and clear way, you must communicate to individuals what you are using the data for and how long you’re retaining the data.

4. Cookie notification on your Website
If you use cookies on your website, you should have a pop-up that allows an individual to accept the cookies.

5. Consent for email marketing
Individuals must consent to their email being collected and used in email marketing. Even if they give you their business card, you need to confirm that they’d like to receive any form of newsletters or sales emails. Also, ensure that they are able to unsubscribe at any time.

6. Data Protection
Use strong passwords and ensure data is available to only authorized personnel. Create audit logs on your work computers and give individuals their own login and password.

For more information, contact the MetroNorth Chamber at chamber@metronorthchamber.org.