Quick Intelligence Blog

How do Privacy Requirements Affect my Business?

privacy_istock_022414Privacy and security go hand in hand. Cyber security focuses on protecting the information from unauthorized access, while privacy focuses more on protecting the contents of the information and ensuring it isn’t accessed or shared inappropriately. Both businesses and individuals have an expectation of privacy when they trust another business with their data.

 

The best way to think about privacy is to consider the example of health records. We can all relate to wanting our medical data kept private. A health practitioner may have access to all Ontario health records through a digital platform, however, they are only authorized to access records directly related to patients they are working with. If they access records of someone who they shouldn’t, this is considered a privacy breach, but not a security breach. As an example, When former Toronto Mayor Rob Ford was in hospital, two employees had inappropriately accessed his medical information and it was leaked. The two health care workers who breached this information become the first people in Ontario to be convicted under the province’s health privacy law.

 

Companies have an obligation to ensure that any sensitive information they have (employee data, customer data, transaction data, etc.) is not only secured from unauthorized access but is also handled properly by those people who are authorized to access it. There are many different privacy laws and industry standards around the world that businesses must comply with to ensure the privacy of the data they keep. Some of these include GDPR (General Data Protection Regulation, European Union), HIPAA (Health Insurance Portability and Accountability Act, healthcare), CCPA (California Consumer Privacy Act, California) and PIPEDA (Personal Information Protection and Electronic Documents Act, Canada).

 

As a business owner, it is up to you to know what the privacy laws in your region and industry are and ensure that you follow them. In some cases, you may be obligated to follow both an industry standard and country regulation. Whichever privacy act is relevant to your business, QuickProtect can help you learn what data you need to protect and how to best protect it.

Topics: cyber security Compliance Privacy Breach