Privacy doesn’t have to be overwhelming: 5 simple actions to strengthen your privacy program 

Privacy can seem like a daunting subject. 

With so many rules, exceptions, and technical details, it's easy to feel like it’s too complicated to tackle. But the truth is, strengthening your privacy program doesn’t have to be overwhelming—when approached the right way, it can be straightforward and manageable (and dare I say fun?). 

Here are 5 simple actions you can take today to lower risk and improve your organization’s privacy position: 

1. Review Your Privacy Notice 
   When was the last time you updated your privacy notice? Is it easy to find and understand? It should clearly outline how you collect, use, and protect personal data—and be written in plain language that anyone can understand. 

2. Check for Consent 
   Do you always ask for consent before collecting personal information? Ensure that your users know exactly how their data will be used and give them a clear option to opt out if they choose. 

3. Introduce Basic Safeguards 
   Basic safeguards like multi-factor authentication, strong (and unique) passwords, and data encryption are critical. Make sure these are implemented on the systems you use to collect and store personal data. 

4. Clean Out Your Records 
   Take time to go through old paper and electronic files (including emails) and get rid of data you no longer need—or anonymize it if you must keep it. Keeping less data means fewer risks. 

5. Awareness Training 
   Ensure employees, volunteers, and Board members understand your privacy risks and their role(s) in safeguarding data. It’s essential that everyone is on the same page when it comes to protecting both your organization and your community. 

Privacy doesn’t have to be complex or intimidating. 

By taking these straightforward steps, you can strengthen your privacy program and reduce risk without getting lost in the legalese.