In support of International Data Privacy Day, Genetec Inc., a globally renowned technology provider of unified security, public safety, operations, and business intelligence solutions, shares data protection best practices to help physical security pioneers protect privacy, safeguard data, and enable trust without compromising security.
Prioritising privacy
Genetec encourages businesses and individuals alike to use International Data Privacy Day as an opportunity to evaluate and enhance their data protection strategies.
By prioritising privacy, organisations can effectively contribute to a safer digital and physical landscape for all.
Data privacy and security
Our customers can ensure the highest levels of security while respecting personal privacy and complying with privacy laws"
"Organisations should never have to choose between data privacy and security,” said Christian Morin, Chief Security Officer at Genetec Inc.
Christian Morin adds, “That’s why Genetec solutions are built on privacy by design principles so that our customers can ensure the highest levels of security while respecting personal privacy and complying with privacy laws."
Recommendations for data privacy
Genetec recommends organisations ensure their security systems respect data privacy by:
Collecting and storing only what is needed:
A fundamental rule of data security is to collect and store only essential information. The potential impact of a security breach can be reduced by minimising stored data.
It’s important to regularly review and audit data and dispose of unnecessary information responsibly.
Limiting access to sensitive data:
Enhancing data security involves restricting access to sensitive information
Enhancing data security involves restricting access to sensitive information.
Genetec recommends implementing data-sharing best practices, such as removing personally identifiable information to safeguard individual privacy.
Techniques include:
Techniques for anonymising personal information while retaining its utility include:
- Randomisation (adding noise to numerical values such as an individual’s age or income),
- Pseudonymisation (such as replacing names with unique identifiers), tokenisation (such as replacing credit card numbers with tokens that have no direct correlation to the original numbers),
- Generalisation (such as converting exact birthdates to age ranges),
- And data masking (showing only the first few digits of a phone number).
Ensuring privacy without compromising evidence:
Organisations can automatically anonymise images of people so they can continue
By making use of technologies such as KiwiVision™ Privacy Protector, organisations can automatically anonymise images of people, so they can continue to survey surveillance footage while respecting privacy.
This technology also offers an additional layer of security that ensures only authorised users can “unlock” and view unmasked footage while maintaining an audit trail.
Being transparent and getting user consent:
Building trust through transparency and user consent is essential. It’s important to communicate with users about the data collection process, promoting informed decisions.
Organisations should also gain explicit consent before collecting and processing data.
Choosing a reliable data storage provider:
Organisations should demand strong security measures and reliable data-handling practices
Organisations should select a data storage provider carefully, ensuring a clear understanding of data storage, handling, and sharing practices. If using third-party services, organisations should demand strong security measures and reliable data handling practices.
Establish who “owns” any data stored in the cloud, and any rights/privileges associated with the use or disclosure of any information.
Establishing strong policies:
To ensure long-term data safety, Genetec recommends putting in place robust policies across the organisation. Enforcing a transparent chain of custody through technology, such as a Digital Evidence Management System (DEMS), ensures accountability and traceability at every stage of the data lifecycle.
Data security is an ongoing process, and organisations should regularly update protocols, stay informed about emerging threats, and continuously educate their teams on best practices.