Are You Ready for Data Privacy Day on January 28? | Practical Law

Are You Ready for Data Privacy Day on January 28? | Practical Law

A collection of resources to help businesses develop privacy and data security compliance programs in honor of Data Privacy Day.

Are You Ready for Data Privacy Day on January 28?

Practical Law Legal Update w-001-1620 (Approx. 4 pages)

Are You Ready for Data Privacy Day on January 28?

by Practical Law Intellectual Property & Technology
Published on 24 Jan 2017USA (National/Federal)
A collection of resources to help businesses develop privacy and data security compliance programs in honor of Data Privacy Day.
Data Privacy Day occurs annually on January 28. Its purpose is to raise awareness and promote privacy and data security best practices, which makes it a good time to take a step back and consider what privacy means to businesses and consumers.
Make the most of Data Privacy Day by taking time to:
  • Educate your organization about data privacy. Training is a key element of a strong privacy program, so leverage Data Privacy Day to educate your organization about important data privacy and protection practices. Not sure where to start? The FTC provides a free online tutorial about protecting personal information for businesses to use as part of their employee training efforts.
  • Send a short, company-wide email reminding employees to use different passwords for business and personal accounts and always make passwords complex and unique, because strong privacy programs start with good security practices. Include helpful tips on how to remember passwords without writing them down, such as:
    • starting with an easy-to-recall sentence or phase that can translate into a strong password. For example, the sentence "Soccer (Football) is the number one sport in the World!" leads to the complex and hard to guess password, "S(F)it#1sitW!";
    • combining a short, standard password base with account-specific information to create customized passwords. Start with an easy to remember but unique password and combine it with something unique about the account. For example, starting with the unique base of L!0ns (for Lions), an Amazon password could become "L!0nsAmzShop" while a Facebook password could become "L!0nsFBSoc"; or
    • creating a pattern password using locations on your keyboard instead of focusing on the letters. For example, by starting at the number 3, create a "V" on your keyboard by pressing the keys for "3EdcfT^" and use that as the password. The user can easily rotate the password in three months by moving the starting location.
  • Remind employees to conduct annual privacy reviews by examining the business's:
    • personal information use practices. As the FTC's Big Data Analytics report reminded businesses, algorithms and automatic decision making processes leveraging personal information, like automated resume screening, can sometimes lead to unintended consequences, such as unfairness or bias. Businesses using big data analytics should periodically review those algorithms to ensure they do not result in harmful or discriminatory outcomes. See Legal Update, FTC Issues Report on Big Data Analytics; and
    • privacy notices. It's important to keep privacy notices up-to-date. Practical Law's Practice Note, Drafting Privacy Notices and Drafting a Privacy Notice Checklist provide detailed guidance on what to consider when developing privacy notices and best practices for explaining privacy practices.
  • Join the global privacy conversation through social media by using the official Data Privacy Day hashtag: #PrivacyAware!
Practical Law has many resources to help you create and sustain a strong privacy program, including:
You can also learn more about common cybersecurity issues with Practical Law's Practice Notes: