In support of International Data Privacy Day, Genetec shares data protection best practices to help physical security leaders protect privacy, safeguard data, and enable trust without compromising security.
In support of International Data Privacy Day, Genetec, a leading technology provider of unified security, public safety, operations, and business intelligence solutions, shares data protection best practices to help physical security leaders protect privacy, safeguard data, and enable trust without compromising security.
Genetec encourages businesses and individuals alike to use International Data Privacy Day as an opportunity to evaluate and enhance their data protection strategies. By prioritizing privacy, organizations can effectively contribute to a safer digital and physical landscape for all.
Christian Morin, Chief Security Officer at Genetec, said, "Organizations should never have to choose between data privacy and security." He added, "That’s why Genetec solutions are built on privacy by design principles so that our customers can ensure the highest levels of security while respecting personal privacy and complying with privacy laws."
Genetec recommends organizations ensure their security systems respect data privacy by:
Collecting and storing only what you need
A fundamental rule of data security is to collect and store only essential information. The potential impact of a security breach can be reduced by minimizing stored data. It’s important to regularly review and audit data and dispose of unnecessary information responsibly.
Limiting access to sensitive data
Enhancing data security involves restricting access to sensitive information. Genetec recommends implementing data-sharing best practices, such as removing personally identifiable information to safeguard individual privacy. Techniques for anonymizing personal information while retaining its utility include:
- Randomization (adding noise to numerical values such as an individual’s age or income),
- pseudonymization (such as replacing names with unique identifiers), tokenization (such as replacing credit card numbers with tokens that have no direct correlation to the original numbers),
- generalization (such as converting exact birthdates to age ranges),
- and data masking (showing only the first few digits of a phone number).
Ensuring privacy without compromising evidence
By making use of technologies such as KiwiVision Privacy Protector, organizations can automatically anonymize images of people, so they can continue to survey surveillance footage while respecting privacy. This technology also offers an additional layer of security that ensures only authorized users can “unlock” and view unmasked footage while maintaining an audit trail.
Being transparent and get user consent
Building trust through transparency and user consent is essential. It’s important to clearly communicate with users about the data collection process, promoting informed decisions. Organizations should also gain explicit consent before collecting and processing data.
Choosing a reliable data storage provider
Organizations should select a data storage provider carefully, ensuring a clear understanding of data storage, handling, and sharing practices. If using third-party services, organizations should demand strong security measures and reliable data handling practices. Establish who “owns” any data stored in the cloud, and any rights/privileges associated with the use or disclosure of any information.
Establishing strong policies
To ensure long-term data safety, Genetec recommends putting in place robust policies across the organization. Enforcing a transparent chain of custody through technology, such as a Digital Evidence Management System (DEMS), ensures accountability and traceability at every stage of the data lifecycle.
Data security is an ongoing process, and organizations should regularly update protocols, stay informed about emerging threats, and continuously educate their teams on best practices.