The Power of Privacy: Steps Towards a Secure Digital Existence

By Paola Garcia Cardenas, Platform Security Engineer

At Bixal, we show our commitment to safeguarding the data of our team members, and clients and their customers by joining the National Cybersecurity Alliance as a Data Privacy Champion during Data Privacy Week 2024.

What Is Data Privacy and Why Does It Matter?

Receiving a text message, checking your email, using the navigation app to get from point A to point B, opening a website to check the news, looking at the weather app on your phone, or making an online payment using your mobile banking app: While all these activities may seem like ordinary tasks, every single one of them is generating data and leaving a digital trail.

Data privacy ensures the confidentiality and security of information generated by these online activities. With vast amounts of personal data being collected, including sensitive financial and personal information, it is crucial to protect this data from unauthorized access or misuse. Without data privacy, individuals are vulnerable to identity theft, fraud, and other activities that can have serious consequences for their financial and personal lives.

Additionally, data privacy is vital for maintaining trust between individuals and the companies or organizations they interact with online. When users feel confident that their data is being handled responsibly and transparently, they are more likely to engage in online activities and contribute to the digital economy. In an era of prevalent data breaches and privacy violations, safeguarding individuals' rights and promoting a secure and trustworthy online environment are paramount.

Online Activities and Your Data

There are a couple of acronyms everyone should be familiar with:

• Personal identifiable information ( PII ) references any information that identifies an individual such as full name, home address, date of birth, social security number, etc.
• Protected health information ( PHI ) is any sensitive and confidential information in a medical record that can identify an individual. Examples of PHI include information such as medical record numbers, doctor's billing information, and laboratory test results.

The way data is generated and used varies depending on the service or application. For example, some doctor's offices save patient information into their systems to schedule appointments and subsequently provide information about a patient's visit and results (an example of PHI). If you use a navigation app, the app may not only have access to your device's IP address, but it may also be collecting real-time data to determine your geolocation and provide accurate traffic information (an example of PII).

Unauthorized access to PII can lead to impersonation, unauthorized account access, and financial and reputational damage. Similarly, accessing PHI without authorization can jeopardize privacy, expose medical history, and result in discrimination or harm to individuals.

Prioritizing the protection of PII and PHI helps to maintain trust, uphold legal and ethical obligations, and safeguard individuals' privacy and well-being. Being vigilant and proactive in protecting this information is crucial to mitigate risks associated with data breaches and privacy violations in the digital world.

According to the Pew Research Center's "How Americans View Data Privacy" survey from March 2023, "the public increasingly says they don't understand what companies are doing with their data. Some 67% say they understand little to nothing about what companies are doing with their personal data, up from 59% [in 2019]."

As technology rapidly evolves, so does the need to adapt and understand the impact these changes have when it comes to our data.In the new era of artificial intelligence (AI), for example, the Pew study states, "as AI raises new frontiers in how people's data is being used, unease is high. Among those who've heard about AI, 70% have little to no trust in companies to make responsible decisions about how they use it in their products."

Take Control of Your Data

Understanding the digital data we have control over, and how it's used, is crucial, regardless of the services or usage. By acquiring a little knowledge and dedicating a few minutes of your time, you can effectively secure your sensitive data and computer systems.

Cybersecurity doesn't have to be intimidating, nor does it necessitate a significant investment of time or money. These 10 basic tips from the National Cybersecurity Alliance (NCA) will help you stay safe online:

1. Keep all software on your devices updated.
2. Use long, unique passwords (passphrases).
3. Use a password manager to securely store your passwords.
4. Enable multi-factor authentication for added security.
5. Be cautious of clicking on links and downloading from unknown sources.
6. Report phishing attempts immediately.
7. Use secure Wi-Fi networks and consider using a virtual private network (VPN).
8. Back up your important data regularly.
9. Check and adjust the privacy and security settings on your accounts.
10. Think before sharing personal information online.

The NCA has excellent resources for learning about data privacy and how you can protect yourself online. The organization even provides direct links to update privacy settings on popular devices and online services, from shopping sites to video conferencing to rideshare services and streaming platforms. You can access the resource here: https://staysafeonline.org/resources/manage-your-privacy-settings/.

Cybersecurity and Data Privacy at Bixal

At Bixal, we respect the privacy of our clients, employees, and stakeholders by continuously reviewing our data collection practices, updating our company's privacy policy, and making sure that our team members understand the importance of data privacy.

We also help protect government entities, their data, and systems by ensuring our projects adhere to a variety of standards and frameworks required to operate. For example, we work daily to understand and implement different security and privacy controls issued by the National Institute of Standards and Technology (NIST).

Our cybersecurity project with USAID/Colombia—just one example of our work in this area—stands as a testament to our commitment to safeguarding personal and sensitive information using the Center for Internet Security (CIS) controls as the main framework and aligning it to best practices. Learn how our proactive measures instill confidence in stakeholders, ensuring the resilience of information systems and the successful deployment of impactful programs: https://www.bixal.com/our-work/digital-apex/.

Join us in taking charge of your data privacy!