Businesses www.bizinfoportal.co.uk/2021/02/12/advantages-of-a-business-information-portal/ collect information about their employees and customers. However certain data is personal and could be subject to privacy laws. For instance the time a disgruntled employee at UK supermarket chain Morrisons published employee and customer contact lists in 2014, the business was penalized for violating the privacy laws. This definition of personal information is a key element in a variety of global privacy laws including the EU General Data Protection Regulation.
This includes information about an individual’s behavior, habits and other associations that could be used to identify them. For instance, a name and address, an phone number or email address can be used to identify individuals and also video, images and voice recordings of conversations with your staff and customers. The GDPR also requires you to safeguard sensitive personal information, and imposes specific disclosure and consent requirements on it.
A variety of privacy laws around the globe provide better security for sensitive information. This could include health, biometric, or political association data. You generally need explicit, unambiguous consent to process sensitive information, and the level of protection you are required to provide differ depending on the laws of your jurisdiction.
You might need to conduct an inventory of all laptops, computers digital copiers, and other equipment within your company to determine the locations where personal data is stored. It is recommended to check your file cabinets and computer systems as well as home computers, mobile devices, flash drives and other equipment utilized by your employees. You should also look at the personal information that your business receives from third party and suppliers.