Saturday, September 30, 2017

Basic rules for data protection compliance

There is not yet a comprehensive, consolidated data protection law in the United States. Instead, data protection is regulated primarily through a number of sector-specific federal laws as well as state laws. Some federal privacy-related laws apply to specific categories of information, such as financial or health information and electronic communications, while others apply to activities that use personal details, such as telemarketing.


But there are general rules that cover data protection compliance. One is consent: obtain consent before acquiring, holding, or using personal data wherever possible. It is also necessary to be careful with sensitive personal data, such as data pertaining to race, political opinion, health status, religious belief, sexuality, and criminal offense.

Create and retain personal data only when absolutely necessary, and securely dispose of or delete any personal data that is out of date, irrelevant, or no longer required. Paper records containing personal data that are about to be discarded must be treated as confidential. The files must be shredded rather than disposed of as waste paper.

Security is crucial. Personal data must be kept as securely as possible, such as by storing it in cabinets or in rooms that can be locked. Do not leave personal data records unattended in offices or in areas accessible to the public, and keep them from being displayed on computer screens visible to passersby.

When it comes to disclosure, consent from the individual concerned must be obtained before placing information about him or her on the Internet, and before sending personal data outside of the country or transferring it worldwide.


Secure Channels is a provider of innovative, effective security solutions through state-of-the-art platforms ensuring access and protecting client data. Learn more about its services on this page.