Data Privacy: What You Should Know
October is Cybersecurity Awareness Month, which focuses on increased awareness of cybersecurity threats and best practices to protect data. Data privacy is more critical than ever before with more of our personal and dealership data is digitized and shared online. The more you know about data privacy, the better you will be able to protect yourself from risks.
Data Privacy and Security: The Basics
Data privacy focuses on the rights of individuals. This includes assessing the purpose of data collection and processing, implementing privacy preferences, and monitoring the way organizations govern individuals’ personal data. If your dealership loses any amount of data privacy through a breach, you risk losing the trust of your consumers.
Data security involves upholding a set of standards and safeguards. Organizations must take these measures to prevent any third party from accessing digital data without authorization, and ensuring there is no intentional or unintentional alteration, deletion or disclosure of data.
Be Smart About Your Data
Data privacy targets critical personal information, also known as Personal identifiable Information (PII) and Personal Health Information (PHI). The type of information can include Social Security numbers, health and medical records, financial data, bank account and credit card numbers. To keep your personal information safe, regularly review the privacy settings on your phone, social media accounts, online services and IoT apps. The National Cybersecurity Alliance has great instructions for updating the privacy settings for your devices and social media/online services.
It’s also important to consider the amount of personal information you may want to share. Weigh the information requested against the relevance of the services offered. After deciding how much to share, protect this data with an effective password. Long, unique passwords are recommended — and you should never use the same password for all accounts. You can add a further layer of security by using multifactor authentication (MFA) when available, which has been shown to help block up to 99.9% of automated attacks.
Be Proactive When It Comes to Data Security
Dealerships have a treasure trove of personal and financial data that could be exposed in a cyberattack. There’s a range of sensitive information required to operate your business, as well as private customer data from your F&I department, CRM and DMS. Failure to put sufficient safeguards in place could cause considerable damage to your dealership’s financial future and your customer’s confidence in you. Our research shows 84% of consumers said they would not go back to a dealership after their data had been compromised.
Protecting customer data also extends beyond the walls of your dealership: If you have partners and vendors that provide services on your behalf, you are responsible for how they collect, protect and use your customer data. Make sure to discuss their data privacy and protection process. To be compliant with FTC Safeguards, dealerships are required to periodically assess how their service providers safeguard their data and keep watch over their adherence to privacy laws and state regulations. If you don’t know where to begin, a managed service provider like CDK Global can help you with an evaluation.
It’s also critical to provide your employees with data and cybersecurity awareness training on a monthly or quarterly basis. Create a solid culture of understanding that distinguishes between data privacy and data security.
Lastly, hold a “Tech Talk” meeting with associates to review data protection for your dealership technology, and follow up with security awareness training. Again, there are many security partners out there that offer turnkey security-awareness training solutions specifically built for dealerships. We encourage you to look into them — and let Cybersecurity Awareness Month inspire you to strengthen data protection for your customers and business all year long.