How to Comply With Data Privacy Laws

How to Comply With Data Privacy Laws

By Robyn Anderson
I recently read that the global population creates 2.5 quintillion bytes of data each day, and that 90 percent of the world’s data was created in the past two years. By 2020, it's estimated that 1.7MB of data will be created every second for every person on earth. At the same time, we have become increasingly concerned about privacy and control over our information.
This tension has resulted in an avalanche of new and anticipated privacy regulation. From the European Union General Data Protection Regulation to the California Consumer Privacy Act, and the 16 states that considered comprehensive privacy legislation this year, the impact of privacy regulation will only multiply in 2020.
How do we prepare given we don’t yet know the specifics of the regulation(s) that may impact our businesses? There are some common themes among the varying proposals that give us clues. First, the concept of consumer nonpublic information is expanding beyond the common definition to include Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer. Second, consumers are granted the following rights:
The right to:

Access personal information collected
Access personal information shared with others
Deletion subject to certain exceptions
Restrict collection and/or processing
Opt-out from the sale or sharing of personal information
Data portability
The prohibition on discrimination as against a consumer for exercising a privacy right

This is a daunting list for any business but there are things we can do now to prepare. During the ALTA ONE Privacy Horizon session, we will discuss:

How to conduct a data inventory to determine what types of personal information your business collects, discloses and sells and where it resides in your system
What to consider in external privacy notices as well as internal policies and procedures
How to address third-party business relationships
Employee training
Consumer requests

The future of data privacy is here. Come join the conversation at ALTA One, hear how we can prepare now, and how your business can benefit from knowing your data.  
Robyn Anderson, chief cybersecurity and privacy counsel for Old Republic National Title Insurance Company, and Christopher Gulotta, founder of Real Estate Data Shield, will lead a session titled “Data Privacy Horizon” at ALTA ONE in Austin, Texas. Click here to register.