Ask the Expert: What New Privacy Laws Mean For Your Agreements

The top three privacy issues in-house counsel should address relate to evidence of data practices, assessing third-party data risk, and assessing risk with legacy data. Evidence of data practices is essential because regulators want information about how companies handle data and their processes and procedures. Data privacy regulations call for organizations to tie data to a purpose. Once the purpose is done with the data, it should be deleted or returned to the individual.

Here’s some really important things you should remember:

• many laws call for businesses to do proactive assessments of their data privacy management
• think about minimizing the intake of data from individuals
• many data privacy regulations tend to address third-party data sharing

Business partners need to work very closely together and find out what data privacy regulations apply to their businesses and figure out who will take responsibility for what part of this data handling process.

Along with that companies can improve their data maturity in the future and reduce the amount of data they need to do business processes. It is just thinking through the problem and asking why we are collecting such data. Hence, minimizing the data that you collect from individuals minimizes your risk of data privacy issues.