January 28, 2021 is Data Privacy Day and CyberSafeNV is proud, as a Data Privacy Day Champion, to play a part in this international effort by growing awareness and providing tips and guidance to help people and organizations to protect their data. We will share a series of articles designed to explain some of the nuances around what privacy means as well as resources focused on a variety of internet users so that you can take appropriate measures to safeguard your privacy.
This second article is focused on the data privacy responsibilities of federal, state, and local governments. Millions of people in Nevada share their personal data with government organizations on a regular basis and may not know what steps those agencies are required to take to protect that data
What data privacy rules do government agencies have to follow?
The Privacy Act of 1974, and the amendments applied to it over the years, provide explicit guidance on how federal agencies can collect, maintain, use, and disseminate information about individuals contained in any system of records they control. It also contains rules allowing individuals to access the data federal agencies collect and maintain on them and obtain a copy of the data or any portion of the data. One of the most important elements of the Act is the rule for disclosing information about an individual to third parties. The Act mandates that, with a limited number of exceptions, the data on an individual can only be disclosed to a third party with the written consent of the person to whom the record pertains.
You can read more on the Privacy Act of 1974 and its amendments on the U.S. Department of Justice website.
The State of Nevada has similar legislation which applies to more than just State agencies. Nevada Revised Statute 603A contains the rules government agencies, institutions of higher education, corporations, financial institutions, retail operators, or any other type of business entity or association must follow if they handle, collect, disseminate or otherwise deal with nonpublic personal information. It contains requirements for how agencies must destroy records when they are no longer needed, steps agencies must take to protect data, and rules for disclosing a breach of the system of records maintained by the agency.
Your local city or county may have their own rules for protecting an individual’s private data.
What do I need to do?
If you work for an agency that collects personal data on customers and you have access to that data:
As a customer, there are some basic steps you can take to help safeguard your privacy:
- DO YOUR RESEARCH: Know what laws protect your data when it’s in the hands of federal, state, local, or commercial agencies. Find out how an agency meets the requirements of those laws before giving them your personal information.
- LIMIT THE DATA ABOUT YOU: Only provide agencies with the minimum amount of information about you they need to provide you the services you are requesting.
Update the privacy settings on at least one of your online accounts this Data Privacy Day (January 28). Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information. Get started with NCSA’s Manage Your Privacy Settings page: https://staysafeonline.org/stay-safe-online/managing-your-privacy/manage-privacy-settings/