Fundamentals of Data Privacy
1. Data Security
Data security is troubled with preventing unauthorised users from obtaining data, it is related to data confidentiality. Organisations should adhere to the CIA trinity of secrecy, integrity, and availability while safeguarding sensitive information or data in general.
This is accomplished through the use of encryption, secure connections like VPNs for transmitting sensitive data, a well-defined security policy, and physical security measures including maintaining data centres on-site and burning papers containing sensitive data.
2. Data Confidentiality
Data confidentiality is the safeguarding of sensitive data from unauthorised access . The appropriate authorization is compulsory for users to access, utilize, view, and share the data. In this sense, not all data are created equal because some are more sensitive than others.
Under the General Data Protection Regulation (GDPR) of the European Union, information about a person’s race, ethnicity, political opinions, religious beliefs, trade union membership, genetics, biometrics, health information, and sexual orientation or life is considered confidential and is subject to stronger legal protections.
3. Restrictions on Data Collection
Organisations should gather as little information as possible about their consumers when adhering to data privacy rules. Sensitive data should only be gathered for clear, unambiguous, and legal objectives and should not be further processed in a way that conflicts with those goals.
Companies should only gather information that they want to utilise for certain purposes. To offer a complete service, a doctor’s office will require the weight, height, and age of the patient.
What is Data Privacy?
Data privacy is a component of data protection .It deals with the appropriate handling, immutability, security, and storage of sensitive data.The appropriate management of personally identifiable information (PII), such as names, addresses, Social Security numbers, and credit card numbers, is generally linked to data privacy. The concept, however, also applies to other private or sensitive data, such as financial, intellectual, and health-related data. Data privacy and protection initiatives, as well as the legislative needs of different governing bodies and territories, are generally governed by vertical industry rules.