Who’s collecting your data?

Data collection is the lifeblood of many organizations. It drives sales, allows you to keep in touch with your customers, and facilitates forecasting.

As the importance of customer data grows, so do privacy and security concerns. Over the last few years, there have been dozens of headlines about hackers stealing company data or holding it hostage. As a result, companies have implemented stringent data-collection and protection policies to prevent similar situations from happening in the future.

Unfortunately, some employees use their personal online accounts, such as with Google Forms, to collect data for work. This could lead to serious consequences from both a liability and a privacy perspective.

One of the biggest concerns is who has control over the data. If a user collects data through a personal account, that data is tied to the user, not to the organization. This can cause several problems.

Even though your organization may be following all privacy regulations for the data it collects, the employee who’s using their personal account may not be aware of those regulations or the repercussions of breaking them. And if that employee quits or is fired, they still have access to the data, since they technically own it. Additionally, the former employee can continue to grant access to the data to anyone inside or outside your organization. You may not have any way to gain control of the data.

The data being collected often includes information impacted by the California Consumer Privacy Act (CCPA), the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, and/or the General Data Protection Regulation (GDPR), along with other privacy laws. That creates a potential liability issue if the data is incorrectly accessed and used.

To prevent this from happening, companies should adopt a stringent data-collection policy. Not only does a policy like this include what the company does with customer data, but it should also include how the data is collected and which employees have access to it. Plus, there should be a separate section outlining the disciplinary actions that will be taken against employees if they violate the data-collection policy.

Each company should appoint one person to manage the data-collection process and the protection of that data. This individual would be responsible for providing access to the data, and ensuring that the appropriate people are using it and that they understand the privacy and other obligations involved in accessing the data.

This is just the kind of scenario where JotForm Enterprise can help. Say your organization prefers to have a single point of contact to ensure data privacy. JotForm Enterprise allows one or more administrators to manage access to data. This makes it easy to determine who collects the data, how the data is used, and who has access to that data. Most important, you own the data.

JotForm Enterprise also has integrations with popular workflow software and provides single sign-on access. This means your data will be protected, and you’ll have control over who can create forms and review the submission data from those forms.

One of the many benefits of using a product like JotForm Enterprise is the control it provides. The administrator has complete control over who can access specific types of form submission data and how it’s processed. This helps to ensure that your organization adheres to the appropriate data security and privacy regulations. To learn more about how to protect your form submission data, visit the JotForm Enterprise website.

This article is originally published on Jun 22, 2020, and updated on Jul 06, 2020.
AUTHOR
Steve is Chief Revenue Officer at JotForm and is a prolific writer and presenter about marketing. Raised in Southern California, he earned a MBA in marketing and currently lives in the San Francisco Bay area. You can reach Steve through his contact form.

Send Comment:

JotForm Avatar

Comment:

Podo CommentBe the first to comment.