Businesses collect data about their employees and customers. However some of this data is personal, and could be subject to privacy laws. For instance the time a disgruntled employee at UK supermarket chain Morrisons leaked details of the contact lists of staff and customers in 2014, the company was fined for breaching privacy laws. The definition of personal information is used by several global privacy laws including the EU General Data Protection Regulation.
This includes information on the habits, activities of a person and relationships that can be used to identify them. Names, addresses, email addresses, and telephone numbers can be used to identify a person, and so can photos, videos, and audio recordings of conversations with your employees and customers. The GDPR also requires you to secure sensitive personal data, and imposes specific disclosure and consent requirements on it.
Privacy laws all over the globe provide better security for sensitive data. This might include biometric, health, or political association data. You generally need explicit clear and unambiguous approval to process sensitive data and the degree of security you must provide for it will differ based on the laws of your state.
You may need to keep an inventory www.bizinfoportal.co.uk/2021/02/12/advantages-of-a-business-information-portal/ of your computers, laptops and digital copiers to figure out where you keep personal information. It is recommended to check your file cabinets and computer systems as well as home computers mobile devices, flash drives and other equipment used by your employees. You should also take into consideration the personal information that your business receives from third parties and suppliers.
