Do I need this data to provide the value I’m trying to deliver?
Understanding what data you collect is easier said than done – there is almost always more than you think.
Evaluate data from the user’s perspective: what puts their privacy and security at risk? And how can you categorize your data in ways that make sense for collection while honoring user privacy?
IP addresses and timestamps are standard in most online exchanges and often overlooked in data evaluations. This data poses a security risk because it can be used to identify people and their actions.
Multiple organizations may have access to parts of your data, causing a larger digital footprint than expected.
Review where you collect or receive sensitive data. This allows you to manage who has access, what is collected, and how it is communicated to your customers or supporters.
Most organizations use third-party services for managing customer emails, surveys, events, and questions. Vendor templates often collect more data by default. This means you—and the vendor—may both absorb unnecessary risk.
Many organizations collect large amounts of data, much of which is never used.
Ask two important questions:
This process often yields innovative privacy-sensitive designs.
Most sign-up forms ask for first and last name. A valid reason to have this data might be to increase email open rates through customized emails. An equally valuable alternative—that minimizes risk—would be to collect first name only.
Sometimes you need data indefinitely. But often, the value of the data diminishes over time.
Delete sensitive data when it is no longer relevant, or de-identify it as much as possible.
In many cases, a raw dataset containing sensitive data is no longer needed or used within 3-6 months after its collection. But it won’t go away until someone takes action to delete it.
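A retention pass over stored records, as an added example that is not part of the original page: newer records are kept as collected, older ones have IP addresses and timestamps coarsened and non-essential fields dropped, and the oldest are deleted. The 90- and 180-day thresholds, the field names and the sample records are assumptions chosen to fit the 3-6 month window above.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# Assumed policy values, chosen to fit the 3-6 month window described above.
DEIDENTIFY_AFTER = timedelta(days=90)   # coarsen identifying fields
DELETE_AFTER = timedelta(days=180)      # drop the record entirely
KEEP_FIELDS = ("action",)               # allow-list that survives de-identification

def truncate_ip(ip):
    """Zero the host bits (IPv4 /24, IPv6 /48); return None if unparseable."""
    try:
        addr = ipaddress.ip_address(ip)
        prefix = 24 if addr.version == 4 else 48
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        return str(net.network_address)
    except ValueError:
        return None  # fail closed: never keep a value we could not coarsen

def apply_retention(records, now):
    """Return the records that may still be stored at time `now`."""
    kept = []
    for rec in records:
        ts = datetime.fromisoformat(rec["timestamp"])
        age = now - ts
        if age >= DELETE_AFTER:
            continue  # past retention: not written back
        if age >= DEIDENTIFY_AFTER:
            slim = {k: rec[k] for k in KEEP_FIELDS if k in rec}
            slim["timestamp"] = ts.date().isoformat()  # day precision only
            slim["ip"] = truncate_ip(rec.get("ip", ""))
            rec = slim  # anything not allow-listed (e.g. email) is gone
        kept.append(rec)
    return kept

# Constructed sample data (documentation-range IPs, made-up addresses).
NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"timestamp": "2024-06-20T10:22:31+00:00", "ip": "203.0.113.77",
     "email": "a@example.org", "action": "signup"},
    {"timestamp": "2024-03-01T08:00:00+00:00", "ip": "2001:db8:abcd:12::1",
     "email": "b@example.org", "action": "donate"},
    {"timestamp": "2024-02-15T09:30:00+00:00", "ip": "not-an-ip",
     "email": "c@example.org", "action": "survey"},
    {"timestamp": "2023-12-01T12:00:00+00:00", "ip": "198.51.100.9",
     "email": "d@example.org", "action": "signup"},
]

if __name__ == "__main__":
    for row in apply_retention(SAMPLE, NOW):
        print(row)
```

Truncating an IP address and rounding a timestamp reduce precision; whether the result still identifies someone depends on what else is stored alongside it.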