Why contractors in 2021 should be aware of data protection and GDPR

2020 had many unexpected disasters, from a pandemic that wreaked havoc in nearly every country in the world to massive cyber breaches.  As a result, one thing is clear, the topic of data protection isn’t going anywhere anytime soon.

The world is more wary of data protection now than ever before. Customers want an explanation before you collect their personal information, and they want to be given the opportunity to opt out of your data collection program. Not only this but new laws to tighten data privacy policies keep cropping up too.

With that in mind, below is an overview of the reasons contractors need to be aware of and act on data protection and their data privacy policies.

Increased Legislation – GDPR and more

New laws targeting data protection have been making headlines around the world in the past five years. The EU’s General Data Protection Regulation (GDPR) shook up the data world in 2015, forcing small and large businesses to comply or face hefty fines.

Then the UK launched the Data Protection Act in 2018 and later merged it with GDPR to form the UK GDPR. Across the Atlantic Ocean, state after state has been legislating data privacy laws nearly every month. California’s Consumer Privacy Act (CCPA) made headlines in 2018.

And since then, Nevada, Maine and Utah have created unique data protection laws. The objective of all these laws is to protect consumers, many of whom need to share their data with contractors and businesses. As a contractor, you’ll want to pay attention to these laws and comply with them where necessary.

In many cases, complying with privacy policies is as simple as drafting a one-page policy. You can consult a lawyer knowledgeable with data protection laws on how to create these policies. You may also need to register your business with the ICO.  Or you could find plugins designed to help website owners comply with different data protection policies.

Protect your Employees from Cyber Crimes

2020 might have changed how businesses work forever. Some companies now allow almost all of their employees and contractors to work from home. While this is a great move in reducing unnecessary costs, working from home exposes employees to potential security threats.

Think of phishing scams, adware, spyware, viruses, identity theft and ransomware. These are threats that could lead to a major data breach, some of which can impact individuals tremendously, and require you to spend countless resources on fixing the issues. As a contractor you need to be especially aware of the liabilities associated with being employed via your limited company or via an umbrella company.

Surprisingly, some of these cyber threats can be solved with a UK VPN. What is a VPN? It’s a security tool used to hide your identity and encrypt your data. When used in a business environment, a Virtual Private Network can protect your employees from hackers, malware and other common threats.

Besides protecting you, VPNs can also help with safe remote file sharing. What’s more, they can be used to unblock entertainment websites like Netflix or to research your competitors without exposing your identity.

Protect your Business from Lawsuits

Data breach-related lawsuits are growing rapidly. In 2018, American insurance company Aetna agreed to a $17 million lawsuit after revealing the HIV statuses of 12,000 patients through letters it had sent to them. For clarity, the breach was in the envelopes used: they had small windows that revealed the recipients were taking HIV medication.

In the same year, a contractor from California also got into a lawsuit for providing access to the data of 93 people with HIV unlawfully. Closer to home, British Airways Plc is facing one of the biggest data breach-related lawsuits in the country.

Over 16,000 customers are seeking compensations averaging £2,000 each from a data breach that occurred in 2018. The airline has already received a £20 million fine from the UK’s data protection agency – the ICO - last year. If the new lawsuit succeeds and every one of the 400,000 people affected by the breach joins the petition, BA could part with £800 million in settlements.

In light of that information, contractors aren’t immune to lawsuits. Your clients could come after your business if the slightest data breach ever happens. Lawsuits can be incredibly expensive for small contracting firms and they’re best avoided.  Read more about cyber insurance here.

Respect your Customers’ Wishes

The past couple of years have exposed just how much people care about their data. Lawsuits, abandoning brand loyalty, publishing negative reviews, and calling for increased legislations are some of the steps people and governments have taken to demonstrate the importance of data privacy and data protection.

If you care about your business, respect your customers’ wishes and treat data privacy seriously, create a privacy policy to comply with GDPR and other laws depending on your target audience. Crucially, give your customers control over which of their data should be collected, stored and shared if relevant.

Provide an option to consent to data collection and allow them to adjust the list of cookies collected. It’s also essential to provide a way out. This way, no one can accuse you of collecting their data by force or using their data without an explanation up front. Transparency is everything.

Increased Precautions from Businesses

A recent study from Soha Systems show that roughly 63% of data breaches in the world can be attributed to third party businesses like suppliers, contractors, consultants and business partners. This is forcing a lot of companies to increase precautions when dealing with third-party businesses.

If you’re a contractor that handles data shared by partner businesses or working on client data, expect requests and orders to increase your data handling protocols. No one will want to share their customers’ data with you unless you have secure data handling and protection policies.

Large businesses, in particular, will want to reduce data sharing as much as possible. If your contracting business can’t survive without data, invest in data protection tools. Buy software that automates the data handling process and eliminate any loose ends that could lead to a breach. And if you are working on client data you need to be savvy on data handling and may need to satisfy client data privacy policies.

In a Nutshell

Data protection will be at the center stage of many conversations surrounding internet security. Stay prepared by adopting data privacy policies, complying with laws and respecting your customers’ wishes. Consider the process you undertake but ensure you buy the best and adequate tools to protect your contracting career.   

Monday 8th Mar 2021