APRO is an official Data Privacy Week 2023 Champion. Data Privacy Week is a project of the National Cybersecurity Alliance, and its goal is twofold:
- To help citizens understand that they have the power to manage their data
- To help organizations (such as your RTO business) understand why it is important that they respect their users’ data.
Be transparent about how you collect, use, and share consumers’ personal information. Think about how the consumer may expect their data to be used. Design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization, as well as the steps you take to achieve and maintain privacy.
Here are a few steps recommended by the National Cybersecurity Alliance to help build a culture of respecting data at your organization.
Conduct an assessment
Assess your data collection practices. Understand which privacy laws apply to your business, and remember you will have to think about local, national, and global regulations.
- Generate and follow security measures to keep individuals’ personal information safe from unauthorized access.
- Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.
- Don’t forget to maintain oversight of partners and vendors as well — if another organization provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.
Adopt a privacy framework
Research how a privacy framework can work for you. A privacy framework can help you manage risk and create a culture of privacy in your organization. It is a way to build privacy into your organization’s foundation. Get started by checking out the following frameworks:
- NIST Privacy Framework
- AICPA Privacy Management Framework
- ISO/IEC 27701 – International Standard for Privacy Information Management
Educate employees
Your employees are the frontline toward protecting all the data your organization collects. Create a culture of privacy in your organization by educating your employees about their and your organization’s obligations to protecting personal information:
- Create a privacy policy for your company and ensure your employees know it.
- Teach new employees about their role in your privacy culture during the onboarding process.
- Engage staff by asking them to consider how privacy and data security applies to the work they do on a daily basis. Better security and privacy behaviors at home will translate to better security and privacy practices at work.
- Remind employees to update their privacy and security settings on work and personal accounts.
To learn more about Data Privacy Week, please visit staysafeonline.org/programs/data-privacy-week/.
The Association of Progressive Rental Organizations (APRO) is America’s only national trade association for the rental-purchase industry. Our mission is to provide valuable member benefits, maintain a benevolent business climate, and promote professionalism with responsibility and integrity throughout our industry. For more information, reach out to APRO at info@rtohq.org.
