29 January 2024

Data Privacy Day – 28th January

By Becky Hall, Information Governance Manager, Naomi Korn Associates

Data Privacy Day is celebrated on the 28th January to raise awareness around privacy and data protection best practices as it isn’t just for sorganisations to consider. It is a good time to think about the ways in which you keep your personal data safe and check if there is anything else you can do it make it more secure.

Some easy things, and potential tweaks to make include:

  • Auditing your social media – are you happy with the privacy settings you are currently using and what others can see as a result of this. It can also be a good time to see what shows up on your social media page and delete anything that you no longer wish to share.
  • Auditing your friends’ and family’s tagged posts on social media – if you don’t want to be tagged, find the option to disable the function in your account settings, or ask your friend/family to untag you if you would rather.
  • Using a VPN – if you connect to public WiFI when you are out and about or travelling the connection usually isn’t secure and can put anything you transmit over the connection at risk of being intercepted. Using a VPN helps to keep your connection, and your data more secure.
  • Turn on multi factor authentication – more accounts nowadays offer you the option to use multifactor authentication sometimes referred to as MFA or 2FA. This can help keep your account secure as not only do you require a password but another way to authenticate the login, normally delivered as a text to your phone. It can make it harder for someone else to try to access your account, as well as alert you to the fact that someone knows your password so you can act.
  • Make sure your devices have passcode/passwords – using a passcode or password on your devices helps to keep the data on them secure, especially if you happen to lose it or someone else picks it up. Passcodes and passwords should be hard to guess, numerical codes based on your birthday could easily be guessed by someone who knows you. You shouldn’t share your passcode or password with anyone else as they could access everything you have on your device and you should make sure that your device automatically locks after a short period of time.
  • Google yourself – decide if you are happy with the results. Whatever you see a future employer or client also sees. You have the right to ask a search engine to delete links that lead to web pages about you. Read more below about the right to erasure.

Know your rights under data protection law

In the UK individuals have eight rights under data protection law: the right of access, the right to be informed, the right to rectification, the right to object, the right to restrict processing, the right to erasure, the right to portability, rights around automated decision-making. And they can be used as a way to control your data and what organisations are doing with it.

  • The right of access – this allows you to request a copy of the information that an organisation holds on you. This can be useful if an organisation says that they were going to do something but don’t as it may provide you with records and logs that can show that a specific decision was taken. Bear in mind that the right of access isn’t absolute, and the organisation may lawfully withhold certain information. You shouldn’t interpret this as them hiding data, just that they have relied on a specific data protection exemption which says that your right to access can be put second in this context.
  • The right to object – this allows you to have an absolute right to stop receiving direct marketing, which may take the form of emails. This could be useful if you have unsubscribed to a marketing newsletter but are still receiving emails. It also means that you have the right to object to your data being processed in certain circumstances depending on the lawful basis an organisation is processing your data under, but this is not absolute.
  • Right to erasure – this right isn’t an absolute right and only applies in certain circumstances but allows you to ask for data held about you to be deleted. For example, your employer can’t delete everything it holds about you as it has legal time periods for which it needs to retain the data however, if a charity you volunteered for years ago is using pictures of you on their website you could ask for all images of you to be deleted as these would be outside any retention period, and you are withdrawing your consent for them to be used.

If you have a question about your rights or are unhappy about a response you have received from an organisation, you can call the Information Commissioner’s Helpline for advice on 0303 123 1113.

Naomi Korn Associates support our clients to enact data privacy best practice throughout their organisations. We also have training courses available on all aspects of Data Protection and Freedom of Information, and are very excited that spring and summer 2024 dates are to be revealed soon. Contact us to find out more about the services we provide, and sign up to our  newsletter and follow us on Twitter @NKorn and LinkedIn: Naomi Korn Associates to keep up to date.  

Recent News

15 April 2024

CPD Accreditation Announcement

read story
29 April 2024

Free guidance on offer at the Museums & Heritage Show

read story
23 April 2024

New Horizons: Attack of the Bots

read story
17 April 2024

Visit us at the Museums & Heritage Show 2024

read story

Back to News

Discover more from Naomi Korn Associates

Subscribe now to keep reading and get access to the full archive.

Continue reading