ENTRY 05 - The Data Protection Policy Checklist

Today's blog will go through some of the questions from the data protection policy self-help checklist that I found fascinating and that our professor just taught us throughout our March 21, 2022 meeting. In terms of data protection for its impacted people, our professor observed that this checklist would be quite valuable for anyone beginning or running their own business, firm, or organization. The aforementioned checklist has eight guidelines, however, we will only cover three of them in this blog. Each regulation also includes questions to which you should be able to answer YES at the end of the day, as this is a good indication that their business is on the correct track in terms of data protection. Even if you can't answer YES to all of the questions, it's a nice reminder of where to search and how to get started in tackling that specific difficulty that the questions have raised. So let's start.

Rule 1: Fair Obtaining 

- Are individuals informed of the purposes for which their information will be used when we collect information about them?

- Have we gotten people's permission for almost any applications of their personal information that aren't immediately apparent?

    Obviously, I should begin with Rule 1 because the questions here are essential, and this is the procedure by which a business begins its service, which is to acquire important information from its subjects. Now, in my opinion, when asked these questions, the head should be able to answer them with ease and confidence because if not, he/she could face jail time because what he/she did was illegal and could be penalized. Also, there will be no more checklists to study and check if you fail here. Apart from that, keep in mind that everyone has rights, and safeguarding those rights is what I believe to be part of good and well-executed service. Which, in the end, will most likely benefit from it. Now, on to the next one.

Rule 4: Security

- Do our databases and systems have passwords and, if necessary, encrypted?

- Do our computers, networks, and data safe from unwanted access?

    Those questions appear to be either a no-brainer or "obviously required" on the checklist, in my opinion. But, while I grasp the principle, I recognize that I lack the ability and discipline to confidently respond to the questionnaire with a YES. Because technology is always advancing, this also implies that hacking methods are evolving. As a reminder, the man in charge of security should be on the lookout and ready to respond if a breach occurs in order to reduce the damage and continue to provide excellent service to consumers.

Rule 6: Accurate and up-to-date

-Do we verify the accuracy of our information?

-Do we continue to keep our records updated?

    Finally, the rule six questions reminded me of issues such as "fake news," Which I think about because there are people who get their information from public postings that are outdated or from other sketchy sources. This struck me because if these continue, the life of the fake data may continue to live on, which may affect the knowledge of the younger generation, which can cause more issues. So, maintaining the records up to date and validating them will help the integrity of the information and thus provide the correct information to people or individuals. 

P.S. These are not the exact questions from the meeting, but they serve the same idea.