Data Privacy regulations require that we protect the privacy of people whose data we collect.
So, what does that mean?
Transcript below:
"While the specific data that needs to be protected does vary depending on the specific regulation, there are some general concepts and guidelines that can be helpful, especially if you are getting started.
First of all, data privacy regulations apply to the data or information that we collect about people.
People can be donors, volunteers, newsletter sign-ups, or our employees.
Any people.
Personal information falls into a few general categories.
First, there is Personal Identifying Information or PII.
Some examples of PII include… name, address, email, phone, birthday - other, types of identifiers can also include geolocation, IP address
Next, we have sensitive information —in the US, that’s social security, passport, health records, credit card, financial records.
Sensitive information comes with added levels of risk -- potential harm to the individual -- if it is compromised.
GDPR, the EU privacy law includes religious beliefs, ethnicity, sexuality, political opinions, union membership, and other items in what it terms as “special categories”.
So, these are common examples of personal information.
This chart is a resource, which is available to you
It provides a starting point for understanding what’s “personal information”.
Definitions of personal information vary depending on the locality and the regulation. Check the text of the specific regulation for details.
Knowing what you have is the essential first step in identifying your organization’s privacy risks."