Taslim Ahammad :
Data is something we take it for granted, however, data protection should be one of our big priorities. Sharing data may bring benefits on the other hand it is not without risks. Personal data reveals a lot about people, thoughts, and life. These data can easily be exploited to harm, and that is especially dangerous for individuals and communities, such as journalists, activists, human rights defenders, and members of oppressed and marginalised groups. Because of all these, data must be strictly protected.
Necessity is a fundamental principle when assessing the restriction of fundamental rights, such as the right to the protection of personal data. In the European Union, data protection is a fundamental right, and the General Data Protection Regulation (GDPR) is the new framework for protecting that right. It is not without flaws; however, it represents a very positive framework for users, enabling Europeans to take back control of their personal information.
Data protection refers to the practices, safeguards, and binding rules put in place to protect personal information and ensure that remain in control of it. It is the process of safeguarding important information from corruption, compromise or loss. In short, people should be able to decide whether or not they want to share some information, which has access to it, for how long, for what reason, and be able to modify some of this information, and more.
Data privacy relates to how a piece of information or data should be handled based on its relative importance. In the digital age, people typically apply the concept of data privacy to critical personal information, also known as Personally Identifiable Information (PII) and Personal Health information (PHI). This can include social security numbers, health and medical records, financial data, including bank account and credit card numbers, and even basic, but still sensitive, Information, such as full names, addresses and birthdates.
General Data Protection Regulation (GDPR) is in UK law as the Data Protection Act 2018. It governs your personal data rights, including the way companies handle your data and the compensation you can claim for misuse of your data.
All companies have data, such as personnel files, customer data, product information, financial transactions, etc. In fact, data is one of the most important assets a company has. For that reason alone, data protection should be a top priority for any company. This includes guarding the availability of the data to employees who need it, the integrity of the data, keeping it correct and up-to-date and the confidentiality of the data, the assurance that it is available only to people who are authorized. About customers, ensuring their data is held safe is the minimum people will expect from companies they deal with or invest money in. It safeguards the reputation of the business, establishing as a brand that people can trust with their data.
Need strict data protection regulations – Firstly, the purpose of personal data protection isn’t to just protect person’s data, but to protect the fundamental rights and freedoms of persons that are related to that data. Whilst protecting personal data it is possible to ensure those persons’ rights and freedoms aren’t being violated. For example, incorrect processing of personal data might bring about a situation where a person is overlooked for a job opportunity or, even worse, loses current job. Secondly, not complying with the personal data protection regulations may lead to even harsher situations, where it’s possible to extract all the money from a person’s bank account or even cause a life-threatening situation by manipulating health information. Thirdly, data protection regulations are necessary for ensuring and fair and consumer friendly commerce and provision of services. Personal data protection regulations cause a situation, where, for example, personal data can’t be sold freely which means that people have a greater control over who makes them offers and what kind of offers they make.
Need data protection updated laws – Laws need to be updated to address today’s reality. Ever since the internet was created, people have been sharing more and more of their personal information online. In many countries, privacy rules exist and remain important to help protect people’s information and human rights, but they are not adapted to suit the challenges of today’s connected world.
Encouraging safe data handling practices-The concept should apply for our data, and by enforcing security when it comes to handling data, sensitive or other, you have employees who are more informed about managing and storing that information most appropriately. Data is the backbone that makes up many customer-focused businesses, and should never be a second thought.
The primary role of the Data Protection Officer (DPO) is to ensure that the organisation processes the personal data of its staff, customers, providers or any other individuals also referred to as data subjects in compliance with the applicable data protection rules.
To ensure that personal data is secure, it is important to know what data being processed, why being processed and on what grounds. In addition, it is important to identify which safety and security measures are in use. All of this is possible thorough data protection audit, which identifies the data flow and whether the data protection regulations are being followed. The audit can be carried out by answering a set of specific questions that have been prepared for that purpose. The results will give a clear overview of the procedures and possible data leaks, which can then be stopped.
One final recommendation to help keep our data private, regularly assess the privacy settings on social media accounts. Remember, you may be sharing a lot more than just your name with people you have never met and a savvy decadent could use that information to steal your identity and a lot more.
(Taslim Ahammad, Assistant Professor, Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj)
