On the heels of a year that saw, among other things, ransomware attacks occurring about every 11 secondsOff-site link and a significant supply chain breachOff-site link affecting 18,000 public and private entities, better data privacy should top our collective list of New Year's resolutions. But if this wasn't among our resolutions, we still have National Privacy DayOff-site link on January 28 to remind us of the need to be vigilant.

Frank Sinatra sang to us in "Love and Marriage" that you can't have one without the other. Likewise, you can't separate data privacy from data protection. Organizations that place a high value on data privacy implement strong data protection measures. Without doing so, privacy can't be assured.

The National Cyber Security AllianceOff-site link, sponsor of National Data Privacy Day, has created calls to actionOff-site link employing a few basic privacy concepts that individuals and businesses can follow to keep data safe online.

For individuals: Own Your Privacy

  • Personal info is like money: Value it. Protect it. Beyond personally identifiable information, this extends to e-commerce purchases, IP address, and location.
  • Keep tabs on your apps. Don't just click "OK" on those pop-ups asking to access your location, contact lists, photos, and other personal data. Consider why it is needed and how it will be used and stored. Also, closely examine links and attachments in text messages and emails to keep malware and viruses off your mobile device.
  • Manage your privacy settings. Revisit the data access permissions on your apps and web services.

For businesses: Respect Privacy

  • If you collect it, protect it. Consider the data your business collects, the business purpose it serves, the way it is stored (such as data encryption), and the length of time it is stored.
  • Adopt a privacy framework. Establish a privacy culture in your organization that manages risk and promotes transparency.
  • Conduct an assessment of your data collection practices. Evaluate their adherence to applicable privacy regulations.
  • Remember that transparency builds trust. Promote transparency with customers in the collection, use, and sharing of their personal data.
  • Maintain oversight of partners and vendors. Ensure that third-party service providers share your priority for data privacy and protection.

As many of us will likely continue to work remotely well into 2021—and will likely continue our heavy use of the internet and e-commerce adopted last year—the new year provides a good opportunity to examine apps and behaviors that could put your data privacy at risk. For me, this includes reviewing locations where my payment information and other personal data are stored.

How will you resolve to better protect your data in 2021?

Photo of Nancy DonahueBy Nancy Donahue, a project manager in the Retail Payments Risk Forum at the Atlanta Fed