Data privacy has become an increasingly huge issue offshore. Here in the Philippines, it rarely gets a few minutes’ worth of discussion. It’s understandable. The country has a lot of other things to worry about.

Regardless, the pioneers and leaders in this country’s business sector must be one step ahead when it comes to this matter.

Entrepreneurs have the responsibility to protect their customers against any future exploitation from malicious organizations and even from themselves.

But what exactly is the issue with data privacy and why should everyone, not just you, be aware of it?

The Great Hack

The Great Hack is a Netflix special documentary about the effect of unethical data mining during the United States’ 2016 presidential elections. It focused on the company Cambridge Analytica, a UK-based data analysis, brokerage, and mining service provider.

Cambridge Analytica was investigated, and faced a class-action lawsuit together with Facebook. After the scandal erupted, Facebook suffered a major revenue loss and Cambridge Analytica filed for insolvency proceedings.

There are two things entrepreneurs can learn from The Great Hack. One, make it a priority to keep your, your family, and your business’ information safe from data harvesting. Two, dealing with another person’s data, particularly your customers’, is serious business.

The question now is: How can you actually protect your business from getting sued over data privacy issues and how you can protect your customers against it? Here are some data privacy tips you should start applying now.

1. Read Up on the Data Privacy Act of the Philippines (RA 10173)

It’s a long read, but it’s worth it. However, despite having a law that protects data, enforcement of this act is a huge challenge — not just here, but internationally. For a case to happen, you must file one in the National Privacy Commission, as per the Data Privacy Act of 2012.

2. Create and Strengthen Your Privacy Policy Statement

If your business already has one, be sure to review and update it to avoid complications. If you don’t, then you must draft one with a legal professional. Note that the Philippines’ policies and laws about data and online activities are still premature. Even US laws have a lot of loopholes; hence the Cambridge Analytica fiasco.

Local banks strictly comply with the Data Privacy Act since they are considered as personal information controllers (PICs) and personal information processors (PIPs). For example, the Bank of the Philippine Islands’ Data Privacy Statement expressly states:

• what data they will collect from customers — from personal information such as contact details, government ID details, and the like to non-personal information such as IP address, operating system, browser type and version, etc. when accessing their website
• how they are going to collect such data
• how they will use the given information
• how long they will store the data
• how they will share the data with third parties

Know that if your company acquires, stores, and processes personal information, you are considered a PIP and/or PIC. Once your company or data processing system reaches certain thresholds (e. g. more than a thousand data processed, more than 250 employees, etc.), you are required to cooperate with the National Privacy Commission and register your data processing system.

3. Advocate Data Privacy

This seems redundant after having a privacy policy that your customers can read. Face the fact that only a handful will actually read it, and it’s just actually a legal form to protect you from data privacy legal cases.

But for your customers’ and reputation’s sake, all customer-facing employees and data-gathering forms must inform your customers about how you’ll handle their data and where they can find your privacy policy.

4. Educate Your Customers

You and your business are not always in a position to do this, but you will always have a lot of opportunities to teach your customers some important data privacy measures and their digital rights. There are three things they need to learn from you: how to be anonymous, smart, and wise online.

For example, BPOs will always have a spiel when transacting with customers over the phone: They assure the customer how their data is going to be used. This is for the sake of transparency and for customers to be aware of how their information is going to handled by the business.

5. Strengthen Your Business’ Data Security

Data privacy is not just about letting customers know how you process your data; it’s also about protecting their data. Data breaches are catastrophic events where your customers’ data can be hacked from your servers or databases. Be sure to add more layers of security to protect your customers’ data.

You can check out Globe myBusiness’ cybersecurity solutions, offering best-in-value security solutions for your business, in and out of the office.

6. Improve Your Data Management

The less data you have, the less problems you can have regarding data privacy. It’s crucial to know what data to store and dispose. Knowing which data to store and dispose of lightens the load of your databases and keeps you and your IT guys’ lives much easier.

Also, be sure that your databases and networks use strong data encryption. Data doesn’t only get mined from its storage; it can also be “sniffed” while it’s being sent and received.

Know how tech tools can enhance you and your business’ data privacy and sign up to Globe myBusiness Academy.