Data Privacy Day (2021): Government Agencies

January 28, 2021 is Data Privacy Day and CyberSafeNV is proud, as a Data Privacy Day Champion, to play a part in this international effort by growing awareness and providing tips and guidance to help people and organizations to protect their data.  We will share a series of articles designed to explain some of the nuances around what privacy means as well as resources focused on a variety of internet users so that you can take appropriate measures to safeguard your privacy.

This second article is focused on the data privacy responsibilities of federal, state, and local governments. Millions of people in Nevada share their personal data with government organizations on a regular basis and may not know what steps those agencies are required to take to protect that data

 What data privacy rules do government agencies have to follow?

The Privacy Act of 1974, and the amendments applied to it over the years, provide explicit guidance on how federal agencies can collect, maintain, use, and disseminate information about individuals contained in any system of records they control. It also contains rules allowing individuals to access the data federal agencies collect and maintain on them and obtain a copy of the data or any portion of the data.  One of the most important elements of the Act is the rule for disclosing information about an individual to third parties.  The Act mandates that, with a limited number of exceptions, the data on an individual can only be disclosed to a third party with the written consent of the person to whom the record pertains.

You can read more on the Privacy Act of 1974 and its amendments on the U.S. Department of Justice website.  

The State of Nevada has similar legislation which applies to more than just State agencies.  Nevada Revised Statute 603A contains the rules government agencies, institutions of higher education, corporations, financial institutions, retail operators, or any other type of business entity or association must follow if they handle, collect, disseminate or otherwise deal with nonpublic personal information.  It contains requirements for how agencies must destroy records when they are no longer needed, steps agencies must take to protect data, and rules for disclosing a breach of the system of records maintained by the agency.

Your local city or county may have their own rules for protecting an individual’s private data. 

What do I need to do?

If you work for an agency that collects personal data on customers and you have access to that data:

  • KNOW YOUR RESPONSIBILITIES: Ask your employer what steps you are required to take when gathering, using, or disclosing personal data you access.  Familiarize yourself with your agency’s privacy policy, and be prepared to discuss it.  If your agency doesn’t have a privacy policy, ask them to create one.
  • INFORM YOUR CUSTOMERS: Whenever possible, let your customers know why you are collecting their information, how you are using it, and what steps they can take to ensure it is accurate and protected.  Usually, the best way to do that is to provide them a copy of, or link to, your agency’s privacy policy.

As a customer, there are some basic steps you can take to help safeguard your privacy:

  • DO YOUR RESEARCH: Know what laws protect your data when it’s in the hands of federal, state, local, or commercial agencies.   Find out how an agency meets the requirements of those laws before giving them your personal information.
  • LIMIT THE DATA ABOUT YOU:  Only provide agencies with the minimum amount of information about you they need to provide you the services you are requesting.  
  • READ THE PRIVACY POLICY:  Almost all organizations have a privacy policy (quite often a link near the bottom of their main web page).  Read it to understand what information they are collecting and how they will be using that information.

Take action:

Update the privacy settings on at least one of your online accounts this Data Privacy Day (January 28).  Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information. Get started with NCSA’s Manage Your Privacy Settings page:  https://staysafeonline.org/stay-safe-online/managing-your-privacy/manage-privacy-settings/

CyberSafe-WP-Admin