Genetec Inc., an innovator in unified security, public safety, and business intelligence technology, has unveiled a detailed array of data privacy guidelines aimed at aiding leaders in the physical security sector to maintain privacy, secure data, and foster trust, all while upholding robust security measures.
This initiative is a proactive measure addressing the growing significance of data protection within our digitally evolving world. By placing a high value on privacy, entities can make meaningful contributions to the security of both digital and physical environments.
“Faced with the challenge of balancing data privacy with security, organizations should not feel compelled to compromise. Genetec is at the forefront, providing physical security experts with vital tactics, thus initiating a shift toward a more secure and reliable ecosystem. This is a continuous journey, and it’s crucial for organizations to consistently refine their protocols, remain well-informed, and perpetually train their workforce on the latest best practices,” commented Firas Jadalla, Regional Director for the Middle East, Turkey, and Africa (META) at Genetec.
Genetec advises that organizations’ security frameworks should honour data privacy by:
- Gathering and Retaining Only Necessary Data: The cornerstone of data protection is the principle of limiting data collection and retention to what is strictly necessary. Mitigating the repercussions of any potential security incidents starts with reducing the volume of data stored. Conducting periodic audits and responsibly discarding superfluous data is crucial.
- Restricting Access to Confidential Information: To bolster data security, access to sensitive data should be limited. Genetec endorses the adoption of prudent data-sharing protocols, which include the removal of personally identifiable information to preserve privacy. Strategies for anonymizing personal data while maintaining its value encompass:
- Randomization: Introducing variability to data points like age or income.
- Pseudonymization: Substituting names with unique codes.
- Tokenization: Replacing sensitive data, such as credit card numbers, with non-correlated tokens.
- Generalization: Converting precise dates of birth into broader age categories.
- Data Masking: Revealing only partial segments of personal identifiers, like phone numbers.
- Balancing Privacy with the Integrity of Evidence: Leveraging solutions like KiwiVision™ Privacy Protector, entities can automatically redact personal identifiers in imagery, enabling the continued analysis of surveillance material while upholding privacy. This tool also adds a security layer, allowing only vetted personnel to access the original, unredacted footage, all while keeping a detailed record of access.
- Advocating Transparency and Securing Consent: The foundation of trust lies in transparency and obtaining consent. Communicating openly with individuals regarding the data-gathering process is imperative, empowering them to make informed choices. Explicit consent should be obtained before any data collection or processing activities.
- Selecting a Trustworthy Data Storage Partner: Choosing a data storage provider should be done with care, with a thorough understanding of their data management and sharing policies. When engaging with third-party services, demand robust security protocols and dependable data management. Clarify the ownership and associated rights or privileges concerning any cloud-stored data.
- Implementing Comprehensive Policies: Genetec suggests establishing stringent organizational policies for enduring data security a clear chain of custody via systems like a Digital Evidence Management System (DEMS) guarantees accountability and traceability throughout the data’s lifecycle.