Golden Gate Better Business Bureau
Sometimes it feels like every time you turn on the news, you hear about a new data breach. Consumers are concerned about their privacy and the threat of identity theft, but are often confused about how to protect themselves – especially when businesses collect their personal data on a daily basis. Data Privacy Day, celebrated on Jan. 28, is an international effort “to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.”
BBB Accredited Businesses are committed to BBB’s Standards for Trust, which includes “Build Trust”, “Safeguard Privacy”, “Be Transparent”, and more. However, not all businesses are. That’s why it’s important for you to take the protection of your privacy into your own hands, and make sure that you can trust businesses that receive your data.
Protecting your data is key to identity theft prevention. The Federal Trade Commission (FTC) received around 400,000 complaints about identity theft in 2016 – it was the third most common complaint.
BBB encourages consumers to find out the answer to the following questions before dealing with a business, or entering information on a website:
- How is your data being protected? Every business should have a data protection plan, and be open and transparent about it to their customers. A data protection strategy should detail: how data is stored; the security of the storage system; and how data is backed up, recovered and moved. If you aren’t convinced by a business’ data protection or they aren’t transparent about it, don’t feel pressured to continue with the interaction. BBB has resources to help businesses protect customer data – check out the 5 Steps to Better Business Cybersecurity at bbb.org/cybersecurity.
- Is the business PCI compliant? The PCI Security Standards aim to protect financial information and cardholder data. The Standards maintain that “payment security is required for all entities that store, process or transmit cardholder data”. Make sure that any business you supply financial information to is PCI complaint. If you’re a business that would like to become compliant, BBB has resources that can help you do so.
- What will be done if your data is stolen? As of Dec 27, 2017, the Identity Theft Resource Center (ITRC), a BBB Accredited Charity, identified more than 1,300 breaches that exposed over 174 million records. The number of records exposed increased by around 380% from 2016: ITRC’s 2016 Data Breach Report included more than 1,000 breaches that exposed more than 36 million records. Every business should have a plan to prevent data breaches. Additionally, the business should have a plan detailing what they will do if a data breach does occur. What measures do they have in place to detect a breach? If a breach is detected, what’s their communication plan for notifying customers? Will they attempt to investigate the breach and mitigate the damage? If you’re concerned that your personal information has been compromised by a data breach, you can find tips and suggestions at bbb.org/breach.
You can reach your BBB at email@example.com or (510) 844-2000, or by visiting bbb.org.