At a recent seminar on promoting online small business success the subject of privacy was given a great deal of attention. The overall message focused on the need for accountability, consent, and the limiting use, disclosure and retention of information collected. A brief overview for the scope of each area follows.
When data is being collected ensure that the purpose for its collection is defined. Consent for data collection needs to obtained and needs to be explicit. Only collect the data needed for carrying out business. This applies even when collecting email addresses.
- Limiting Use of Data
When obtaining data do so authentically (use of deception is a violation of privacy). Provide a clear and concise explanation of how the information will be used and with whom it will be shared. It is recommended that proof of consent be retained. Do not deny a product or service to an individual who fails to consent to the collection, use or disclosure of information beyond that required to fulfill an explicitly specified and legitimate purpose. Explain to individuals the implications of withdrawing their consent. Dispose of information that does not have a specific purpose or no longer fulfills its intended purpose.
Privacy compliance provides transparency to your clients. It gives you a further competitive edge in that you are following of best practices. It is my belief that clients appreciate that and appreciate your business as a result.
Marie-Helene Sakowski, Business Consultant SME’s