Think your online business isn't big enough to have to worry about privacy and security issues?

Think again.

The previously unregulated era of data privacy is rapidly coming to a close.

Privacy laws are on the books in more than 40 countries; the United States is instituting major new regulations for data privacy and security for the financial and healthcare industries.

And broad legislative initiatives are under way.

It's time to make sure your data privacy house is in order, so when questions about your security preparedness get asked -- and they will, sooner or later -- you'll be ready to respond. It's also better to take some proactive privacy defense measures now, before you end up on the wrong end of a successful hack or a privacy breach lawsuit.

And data security is already an issue if you do any business online, because your Web site has undoubtedly been scanned for vulnerabilities countless times. If your site hosting company tells you otherwise, someone's asleep at the firewall.

It's easier to review your data security than you think. The questions you need to focus on are:

  • What data are stored?.
  • How and where are data stored?
  • How are customer data processed?
  • Who looks at the data?
  • What should you do with the data?

What Data Are Stored?
Find out from your webmaster or e-commerce service provider what kind of data you're storing. In fact, forget about the fact that you're most interested in customer data, because this might put a filter on what data you're told are stored. Identify all the data collected, such as name, address and order number, then select any customer-related data and sort them by the following types:

High-risk customer data. These include complete credit card numbers and medical information.

Lower-risk customer data. These include customer names and addresses, partial credit card numbers, phone numbers and order histories, except those of a personal nature.

Minimal-risk customer data. These include Web site activity report information, such as number of hits, number of unique visitors, originating domain of visitors, and referring URL; aggregate customer information, such as purchases by age, region, and product; and all other nonidentifying customer data.

How and Where Are Data Stored?
You'll almost certainly need to talk to whoever built or is involved in hosting your Web site to answer this question. This is, after all, a technical question. It involves what servers your data sit on and how they sit there.

Here are the rules you should follow if you're storing any high-risk customer data such as credit card numbers:

The data must be stored encrypted.

The data must reside on a database on a separate server from your Web server.

Here's why: If such high-risk data aren't encrypted, they're easier for someone to read.

Don't be surprised if encryption becomes a legal or business necessity in the United States in the next couple of years. It already is in some industries and countries.

A separate database server for any high-risk data, even if encrypted, is more expensive. However, this is another area in which cutting corners is ill-advised. If the database holding that high-risk data sits on the Web server, it is inevitably more accessible to Internet traffic, including unauthorized access attempts.

If you use a payment gateway services provider, by the way, there's no reason to store credit card numbers anyway. Not doing so is the best security move you can take.

How Are Customer Data Processed?
Follow the data and see where they lead. Where are order confirmation messages sent? Are these messages e-mailed? If they are, and if they contain a customer's complete credit card number, review Rule No. 1: Never send or request a credit card number via e-mail, which is an inherently insecure electronic communication format.

Under all circumstances, you should always treat all your customer's data with care. Many companies have come under fire simply for sending e-mail to their customers in a single mass e-mail that shows each address in the To field.

If you're part of a shared hosting environment or on an outsourced e-commerce platform, find out if any of your service providers access any of your customer or transaction data, and what they do with them.

Standard Web site activity reports are pretty low-risk in terms of potential privacy breaches. If your site activity reports are like most, they're based on Web server-logged activity, none of which identifies site visitors by name.

Who Looks at the Data?
You should already have most of the information you need on who is accessing the data and what they're doing with them. Now find out who else, if anyone, is looking at this information. Are data sold to or shared with an outside company or business partner?

After completing this step, you should have identified and categorized all the data being collected: How data are processed, where they go, and who looks at them. This is everything you need for a viable data privacy and security assessment. The next step puts this information into perspective.

What Should I Be Doing With the Data?
Businesses in the health-care and financial industries or that operate in Europe or other countries with strong privacy standards have this question answered by various laws and regulations.

Otherwise, at least for now in the United States you can pretty much set your own privacy standards. You'll find many recommended privacy policies and industry best practices to read up on at and similar pro-privacy Web sites.

But the bottom line still seems to be that as long as you do what you say you will do with your customer data in your privacy policy, you can almost do whatever you want. That is, until the market, the law or the FTC say otherwise.

But regardless of whether you follow a privacy law that tells you how to collect, store and use customer information, or whether you get to make up your own methods, you need to get those methods in order. The data privacy hurricane is growing, so it's time to tape up your windows.

Copyright © 1995-2001 Pinnacle WebWorkz Inc. All rights reserved. Do not duplicate or redistribute in any form.