Your Privacy Rights Matter
The right to be left alone, to be free from intrusion from both government and private parties, is recognized globally as a fundamental human right. This right is recognized in more than 150 national constitutions.
In the United States, in lieu of a comprehensive federal privacy law, this right is protected by individual state laws,[1] by U.S. Constitutional Amendments (3rd, 4th, 5th, and 14th), and by industry-sector specific laws, which are enforced by regulatory agencies (e.g., FTC, FCC, HHS). What do all these laws have in common? They empower individuals by giving them specific rights as to how their personal information is collected and used.
Top 10 Privacy Rights Laws
As more and more states and nations around the world work to protect their citizens’ personal data online and offline with new and stricter privacy regulations, let’s take a look at the top 10 privacy rights these laws are protecting.
- Right to Be Informed
Individuals have the right to know whether their data is being collected, retained, and shared. - Right to Access
Individuals have the right to know what data is being collected, how it is being used, and with whom, if anyone, it is being shared. - Right to Rectification
Individuals have the right to correct inaccuracies, complete incomplete information, and update outdated information to ensure retained data is current, correct, and complete. - Right to Deletion
Individuals have the right to have their data deleted. This right is also known as the ‘right to erasure’ and the ‘right to be forgotten.’ - Right to Restriction
Individuals have the right to limit processing of some or all their personal information permanently or temporarily without requesting their data be deleted. - Right to Data Portability
Individuals have the right to obtain a portable copy of their data, typically for free and in a format that is human-readable as well as machine-portable. - Right to Opt-Out
Individuals have the right to say “No” to the selling of their personal information to third parties. - Right to Non-Discrimination
Individuals have the right to equal treatment (and not be ‘penalized’) when they exercise a right (e.g., opting out). - Right to Sue
Individuals have the right to seek civil damages (via private or class actions) against covered businesses for violation of a statute (e.g., a data-breach resulting from adequately protecting their data). - Right to Non-automated Decision Making
Individuals have the right to human input in decisions about them (e.g., credit approval) to ensure decisions are not based solely on automated processes.
When it is time to implement a privacy compliance solution, being familiar with what these rights grant will help enable your organization to meet privacy requirements.
How Milestone Can Help
Milestone can help you design and implement a robust privacy compliance program that shortens your time to compliance and ensures your solution is effective, efficient, and scalable. Our solutions can include:
- Standing up a privacy-rights request intake-and-fulfillment process
- Implementing a robust privacy-controls monitoring program
- Managing your privacy notices and policies
- Reporting your compliance posture to your board of directors
- Providing evidence of compliance to regulatory authorities.
Learn more about leveraging your ServiceNow investment to ensure your organization remains continually compliant and audit ready. Contact us today.
About the Author
Mike DeAndrea, GRC Practitioner and Advisory Solution Architect, Milestone
Mike helps Milestone customers understand how the power of ServiceNow to meet their regulatory compliance needs in the shortest time. He has over 20 years of applied expertise in Governance, Risk, and Compliance. As a practitioner, he managed the compliance efforts of a large enterprise-wide IT operations department of a multi-billion-dollar, multi-national company for several years. As a consultant, Mike has been helping high-profile customers deploy GRC solutions in ServiceNow for over five years. He maintains a number of ServiceNow and industry certifications and specializes in designing solutions that are effective and highly efficient. He helps minimize the time to value and drive down the cost, burden, and impact of compliance on your organization. Connect with Mike on LinkedIn.
*Disclaimer
The information provided in this article is for technical information purposes only and should not be construed as providing legal advice. Be sure to check with your legal and compliance teams before implementing any recommendations described in this article.
[1] Eleven U.S. states (Alaska, Arizona, California, Florida, Hawaii, Illinois, Louisiana, Montana, New Hampshire, South Carolina, and Washington) include the right to privacy in their state constitutions.
Related Content
California Consumer Privacy Act (CCPA): What’s Required and How to Comply
The California Consumer Privacy Act is about to go into effect. Now is the time to make sure your company is preparing to adhere to the new requirements.
Preparing for Consumer Privacy Laws from California to Maine
Leveraging ServiceNow to Stay On Top of Ever-Changing Privacy Laws
