Data integrity will be a top trend for companies in 2021. Today, virtually all countries have adopted laws that affect data integrity – or they are actively considering them. Failure to protect customer and employee information can have costly consequences. Business leaders need to keep track of this very complex and evolving area of compliance.
Companies have many more reasons to invest in data security and integrity. The most convincing advantage is that data protection creates customer trust and loyalty. So there is a real opportunity to turn data protection into a competitive advantage.
Laws that protect data protection for consumers
Here are the most important laws that affect companies in Europe, USA, Canada and Great Britain.
- The General Data Protection Regulation (GDPR) requires companies to protect the personal data and privacy of EU citizens. It is important for companies outside the EU to understand that international transactions with an EU citizen are protected by the GDPR. The law gives individuals the right to access their own data and request that data be deleted or deleted. In addition, opt-in / opt-out messages and conditions must be clear and precise. Since the GDPR came into force in 2018, data protection complaints have increased in France, Germany and the United Kingdom. 
- Personal Data Protection and Electronic Documents (PIPEDA) entered into force across Canada in 2018. It requires the consent of organizations to collect, use or disclose personal information. Individuals have the right to know why an organization collects data, who is responsible for it and how it will be secured. Individuals also have the right to access their personal information and request corrections to it.
- The California Consumer Privacy Act (CCPA) entered into force on January 1, 2020 and provides similar rights and protection to California residents as the GDPR gives Europeans. It may take time for this law (and similar laws in other US states) to effectively eradicate the worst privacy breaches, but eventually rules like these will force many companies to be more transparent and collect less data. The New York SHIELD Act (SHIELD) was adopted in July 2019 and became fully enforceable in March 2020. It requires companies to implement "private information" guarantees (including name, SSN, financial card or account number, e-mail address, passwords and biometrics) for New Yorkers.  It also broadened New York's existing criminal reporting requirements.
Strengthen Your Data Security Routines
There are many ways companies can improve privacy. Start by looking at all your technologies and eliminating software and hardware that is either no longer in use or no longer meets your data security needs in terms of encryption, password protection, authentication or role-based security. Always use a full range of antivirus and network security tools. If you have limited IT resources, cloud solutions can enable you to take advantage of secure data centers and methods used by large technical vendors. Keep your data footprint lean by not collecting more information than your business needs. Train employees on social technology systems and teach them to detect and stop phishing and other scams. Many cybercriminals see your people as a "softer target" for infiltrating your business than hacking.
Blog Authorized by CyberScout
 RSA, “RSA Data Security & Privacy Survey 2019,” 2019.
 Consumer Reports, “California's Privacy Act is finally here. What now ?, ”Germain, Thomas, January 2, 2020.
 SHRM,“ The New York SHIELD Act: What Employers Need to Know, ”Philip Gordon and Jennifer Taiwo, August 28, 2019.
Copyright © 2021 Central Mutual Insurance Company. All rights reserved.