Thursday, 28 January 2021

Business.com

Business.com


7 Tips to Get More Google Reviews (With Minimal Effort)

Posted: 27 Jan 2021 03:05 PM PST

Google reviews: They're a necessary evil for success in this day and age.

Studies have shown that anywhere between 80% and 95% of consumers read product and business reviews to guide their decision-making process. Online shoppers tend to trust the reviews of total strangers, for better or for worse; naturally, the more positive reviews your business has, the more your potential customers are likely to trust in your product. 

The process of getting those elusive reviews must be so difficult, right? Not so! Let's explore seven ways you can cultivate more reviews for your business (with fairly minimal effort on your part).

1. Ask!

The first step to building your Google review base is pretty straightforward: Ask for it! Requesting reviews should be a regular part of your interactions with your customers.

Asking a customer to review their experience during checkout in your brick-and-mortar shop might be a tall order – you may get a positive response, but by the time the customer gets back home to their computers, they've forgotten about their promise to give that glowing review. And even if your business is run online, the customer needs some time to receive and put to use whatever product or service it was they ordered before they can form an opinion on it. So, whether your business is run online or in person, following up is key.

Email is perhaps the easiest way to request reviews from your customers. Create a template for a follow-up email (or, more likely, emails –persistence is also going to be important) and set it up to automatically go out in the days and weeks after their purchase or interaction with you. In your email, you want to thank them for their business and ask for a rating and review. It could be something as simple as the following:

Dear [Customer name]:

Thank you for your purchase [or visit to the store] on [Date]. We sincerely hope you're enjoying your new [product]! Your feedback is important to us, so be sure to let us know what you think by clicking the link below to leave a review. We appreciate you and can't wait to see you again soon!

And that leads us right into the next point …

2. Make it easy.

People tend to take the path of least resistance. If they are left to figure out the process of leaving a review, they will likely abandon it, unless they really have something to say about your business, which could be good, but is just as likely – if not more so – to be bad. Make the review process for your business as simple, straightforward, and dare I say, failproof as possible.

The best way to do this is to create a custom review link for your business. Google has made this process fairly simple, and it can be done for both traditional desktop web pages and mobile apps.

This link should be included just about everywhere your business is: on your website, in those request emails, on your print and e-receipts. Don't make people have to search for a way to review. Give it to them. The easier it is for someone to leave a review, the more likely they are to follow through and do so. And it goes hand in hand with creating a great customer experience.

3. Verify your business.

It's also important to verify your business with Google by signing up for Google My Business and following the steps for verification. This ensures that your business listing information is accurate and gives your business a boost of legitimacy for anyone looking up your product or place of business.

Verifying your business on Google also protects you against anyone who is not an authorized representative from making edits to your business page. That could be a random person looking to cause trouble, or it could be a disgruntled customer (or competitor) seeking to sabotage your site. Either way, get that business verified.

Verifying your business also puts you in a much better position to be ranked in Google's search results, which can increase your visibility, which increases your potential customer base, which increases the number of reviews you can potentially receive, which leads to more visibility and more customers, and ... you get the idea.

Having a verified business also gives you the ability to ...

4. Respond to negative reviews.

Respond to each and every review you get! As our society trends toward automation and less face-to-face interaction, people still want that personal connection (and that a business is genuinely interested in meeting their expectations). Even if your response is just a simple note of thanks, you are demonstrating to your customers that their feedback is important to you.

And it shouldn't stop with the good reviews, either. Continue to exhibit courtesy, respect and good customer service when responding to negative reviews and less-than-happy customers. Reach out to them and try to make the situation right. Even if potential customers read a poor review, they will see that you made an effort to make your customer happy. 

5. Ask your stakeholders for reviews.

External customers don't have to be your only source for reviews. Reach out to your internal customers as well, your business partners, vendors and even your own employees!

No one knows your business, brand and culture better than the folks who interact with it every single day. If your staff love what they do, ask them to share that with the world. If you've formed friendships with your vendors, awesome! Ask them to vouch for you online. 

If your potential clients know that your employees and partners genuinely respect and enjoy working with you, that's a great endorsement for your overall brand and image. 

6. Create calls to action to secure more reviews.

Create calls to action (CTA) to give your clients ample opportunity to review your company. Including CTAs throughout your website and social media pages is a passive method for you to request feedback, but it creates a consistent reminder to your customers to leave a review for your business. CTAs can be a blurb in the footer or sidebars of your website, which will show up on every page of the site. It could even be pop-up reminders within your site asking your customer to leave a review. Any email campaigns and surveys you send out can also be great places to drop that magic link for feedback. Be sure to include that custom review link!

While you should be persistent with your CTAs, remain tactful. You don't want your user experience to feel like a virus-riddled minefield, so be gentle and sparing with the pop-ups.

7. Purchase a review-generation tool.

And, finally, perhaps the most minimal-effort method of all: Install a review generation tool to help streamline the whole process. Podium, NiceJob, Servgrow and TrustPilot are all review-generation tools specifically designed to bring in more reviews on multiple platforms, not just Google.

These tools, unfortunately, are not always free, but they can be a great way to help reach more customers and make your online reputation management more efficient by keeping everything neatly in one place.

Building up your Google reviews doesn't have to be a complex or even particularly involved process. Much of it can be created once, allowing you to sit back, relax, and watch your reviews – and your business – grow.

Unify Customer Data for Better Marketing, CX and Fraud Prevention

Posted: 27 Jan 2021 01:54 PM PST

Is your e-commerce store getting the most value from the data you collect? Ideally, your store's digital marketing program uses data to personalize each customer's experience. Your store's fraud control program is likely also using data to authenticate your customers at checkout. But are these two data sets connected? 

For many retailers, they're not – and the disconnect can undermine customer experience (CX) efforts, revenue and customer retention. All the money your store spends to customize touchpoints and serve personalized recommendations to your customers is wasted if your fraud control program doesn't recognize those same customers at checkout and treats their orders as fraud. 

Rejection of good orders, known as false declines or false positives, is something nearly a quarter of online shoppers across five countries (the U.S, U.K., Canada, Mexico and Australia) have experienced, according to a March 2020 Sapio Research survey commissioned by ClearSale. This damages CX, sometimes beyond repair. 

The stakes are rising for delivering great CX and preventing e-commerce fraud. Despite the challenges retailers and shippers face because of the pandemic, 80% of consumers said they expected better customer service in 2020. Meanwhile, digital fraud increased by 55% from March through the end of 2020, putting e-commerce revenue at risk. 

Many merchants already have the key to avoiding CX errors and fraud in their data, but they haven't fully tapped its power yet. Here's why and how retailers can use the data more effectively to close the CX gap between marketing and fraud control.

Data for personalized, seamless customer experiences 

Even before the pandemic pushed people to rely more on e-commerce, 80% of consumers said they were more likely to buy from brands that gave them a personalized experience. Now, with customer expectations higher than ever – and more competition among online retailers – personalization at each touchpoint is the key to customer engagement. 

Nothing breaks the experience of feeling recognized like being rejected, but more than 27% of U.S. shoppers in the Sapio survey said they'd had an online order declined. When that happens, customers may feel frustrated and insulted – and they certainly don't feel recognized. 

In fact, the Sapio survey found that customers are much less tolerant of false declines than they are of fraud. Thirty-three percent of U.S. shoppers surveyed said they would never shop again with a merchant after a decline, and 25% would complain about the experience on social media. Yet only 19% said they would abandon a merchant after having a fraud experience with them. 

Those statistics represent a lot of lost marketing spend and brand damage – problems that can be prevented with better use of customer data for fraud prevention.

Data for accurate customer authentication and fraud control

Fraud prevention requires data to authenticate customer identities, not just payment methods. With billions of records exposed due to data breaches, even careful consumers can become the victims of not only card theft but also account takeover (ATO) fraud that's harder for basic fraud-screening tools to detect. 

To avoid chargebacks due to ATO fraud, retailers need to make sure they can verify each customer by characteristics that fraudsters find hard to mimic. That can include behavioral biometric data – how hard the customer typically taps their smartphone screen, for example – as well as past purchases, typical behavior on the store website, and other indicators that the person placing the current order is the same customer who's placed good orders in the past. 

For example, let's say a customer wants to order $500 of auto parts from an online store. They signed in with their established customer account and are using their default payment method. A good fraud-screening program will raise a flag if this customer has only placed $50 orders for car wash supplies in the past – especially if this is the first time they've visited the auto parts section of the website. 

However, it would be a mistake for the merchant to stop here and reject the order. Instead, manual reviewers can analyze the order more thoroughly before making a decision. What if the customer is visiting family and has offered to help a relative restore a car that has sentimental meaning? Perhaps they placed their order on their phone after browsing Instagram for pictures of restored cars and getting served ads based on those searches. 

How are they going to react if they've followed their customer journey to its logical conclusion, only to be turned down? Only 35% of U.S. consumers told Sapio they'd try again after having a payment declined – and remember, 33% said they'd never shop with a merchant again after a decline.

The risk of false declines is one reason we recommend that merchants manually review all flagged orders instead of automatically rejecting them. An experienced fraud analyst could review all the available data and quickly conclude that the order was legitimate. The customer would get their purchase. The merchant would get revenue, a better return on their marketing spend, and a continued relationship with the customer. 

Manual review also creates data that makes the order-screening process more efficient over time. As analysts review orders, they can feed their decisions into the automated fraud-screening AI engine. Then the machine can learn to identify patterns that indicate good customers exhibiting unusual but legitimate behavior, as opposed to account takeovers and other types of fraud. That makes the whole system smarter, more efficient and less prone to errors that can turn customers away.

Data for less friction at checkout

Using customer data behind the scenes can also reduce cart abandonment by shifting the burden of authentication from the shopper to the merchant. While 92% of U.S. consumers in the Sapio survey said security is very important to them when they shop online, 50% said they'd abandoned purchases because the checkout process was too long or complicated, and 38% said they'd abandoned purchases because the merchant required them to create an account. 

The takeaway here is that the more data you require customers to enter before they can make a purchase, whether it's a password or a two-factor authentication code or something else, the more likely they are to leave and go to another store with a faster, easier checkout. Leveraging your data allows you to identify your customers while delivering a convenient, welcoming experience – without leaving your store open to fraud.

Unified data for CX and fraud prevention 

What kinds of data can work for both fraud control and marketing? As in the car-part example above, biometric, geolocation, device, past purchases and site behavior, and social data all have roles to play in fraud prevention. Location and social data are also important for personalization, and customer responses to email and paid marketing campaigns can help create a clearer picture of your customers, too. 

Of course, this data can only help you streamline your checkout process and approve more good orders if it's accessible to your fraud control program. If your marketing and fraud prevention data lives in separate silos, it's time to unify that data so that you have a single view of your customers for your marketing and fraud control teams. This takes some work, but the result can be more completed purchases, more approved orders and more satisfied customers, all while stopping fraudsters.

12 Best Ways to Use Business Texting

Posted: 27 Jan 2021 05:30 AM PST

Most people who own a mobile device are familiar and comfortable with texting. It has become a regular part of their lives. This makes business texting a powerful and affordable way to communicate with customers.

What is business text messaging?

Business text messaging (or business texting) involves sending and receiving text messages from a business phone number to prospects and customers. Business texting is a form of communication and marketing that businesses can use to correspond with their target audience. Examples of business text messaging include sending customers promotional offers, updating the status of orders and services, and responding to queries about business times and locations.

Business text messaging falls into two categories:

  • SMS (Short Message Service) supports alphanumeric messages consisting of up to 160 characters. Most telephone, Internet, and mobile-ready devices support SMS messaging.

  • MMS (Multimedia Message Service) supports text messages greater than 160 characters, as well as multimedia (e.g., images and video). It can include up to 500 KB of data, and audio or video files.

How do businesses use text messaging services?

Businesses can use text messaging in the following ways.

Appointment reminders and scheduling

Enable customers to schedule appointments by text and automate reminders to help them remember to keep their appointments. It's more convenient for them and your business, and helps to lower cancellation rates. It also reduces the amount of time employees spend making manual phone calls to customers, which can help to improve the efficiency of your human resources.

Payment and billing reminders

Many customers pay their bills online but might forget to pay by the deadline. Sending an attention-grabbing notice that their bill is coming due will help customers to make timely payments. This benefits your company and your customers, as you will receive money owed and they won't incur unnecessary interest charges and fines.

Order confirmation and delivery updates

Online retailers have made order confirmation and delivery updates an expected requirement for consumers. Incorporate text messaging into your inventory system to inform customers when they've placed an order and when to expect delivery.

Birthday and anniversary messages

Sending birthday and anniversary greetings to customers is an effective way to build brand affinity. People generally like being contacted and acknowledged on these occasions, so reaching out to customers on these days will create goodwill. Your business message will also stand out from other birthday and anniversary messages.

Event reminders, updates and promotions

Your business can send text messages to inform prospects and customers of events and promotions before they occur. You can provide updates and schedule changes before the event, and send out text messages after the event to gather feedback. You can also get creative with text messages during the event, such as requesting selfies, doing scavenger hunts, or asking trivia questions for prizes.

One-off orders

Many restaurants use smartphone apps to support online ordering, but they can be too expensive for smaller restaurants and businesses. Use business texting to take one-off orders, as well as promote new offerings and limited-time specials, announce company news, and collect feedback from customers.

Text-to-landline customer service

Business texting can enhance your customer service strategy, as many customers prefer texting over speaking on the phone to customer service reps. Many business texting services enable you to create web-browser portals that provide customer support texting. You can also have texts forwarded to your mobile phone.

Customer preference polls

Find out what is important to customers so that you can better service their needs. Use business texting to send text-to-vote SMS polls to collect customer insights. You can then personalize your offerings by different segments' preferences. For example, you can run different promotions for customers with and without children.

Contests

Contests are an effective way of increasing customer loyalty and attracting new customers. Use business texting to ask customers to enter a code to participate in sweepstakes, or choose random numbers to award prizes during special days and promotions. Different jurisdictions have specific laws and regulations about contests, so consult with legal counsel to ensure compliance prior to initiating a contest.

Coupon and discount distribution

Text messaging is an effective way to distribute coupons, as well as announce discounts and specials to customers. This can encourage more customers to come into your store, or place orders on your website. It also eliminates the worry for customers that coupons get lost or expire, since they are saved on their mobile devices. You can also promote flash sales by text message to create greater urgency for your products or services.

Referral promotions

Word-of-mouth promotion is an effective way to grow your business. The best sources of referrals are satisfied customers. Send text messages to your best customers to refer their friends to your business. Add discounts and other rewards to incentivize customers to help increase referrals.

Inspirational and motivational messages

Inspirational and motivational text messages can help your business stay top of mind with your customers and increase engagement. The types of messages you send will depend on the type of business. For example, if you operate a gym or other health-oriented business, you can send health-focused text messages in the morning to help customers start their day on a positive note

What are the benefits of business texting?

Business texting offers several key benefits over other types of business communications.

  • Reach customers wherever they are: Many people carry their smartphones and mobile devices everywhere, and use them all the time. Business texting enables you to reach your customers anywhere and at any time.

  • Interact on a one-to-one basis: Business texting enables you to engage in two-way communication with your customers. It allows customers to interact with your business via SMS, and you can respond to their messages directly. You can also reach out to specific customers to address their specific needs.

  • Communicate at scale: Business texting enables you to use mass text messages to reach large groups of customers at the same time. You can send business texts to everyone in your mailing list, or specific groups of customers.

  • Get instant responses: Business texting is the quickest way to communicate with customers and get more immediate responses. Customers are more likely to read and respond to a text compared to a phone call and will respond more quickly to text than email.

  • No need for special software: If your customers have a smartphone or other mobile device, you can interact and communicate with them easily. By sending a text message to a given number, your customers can opt in to your text list and receive messages, and you can communicate with them at any time. They don't even need an Internet connection.

How does consent work with business texting?

The legislation and rules on consent and business texting differ slightly in different countries.

In the United States, according to the Telephone Consumer Protection Act, your company requires the customer's express (i.e., written) permission to send text messages to their phones and mobile devices. Written consent can involve signing a physical document or a digital signature. Even if your company has permission to contact a customer by email or phone, you must get their express permission to contact them by text messaging.

According to Canada's Anti-Spam Legislation (CASL), consent may be either express or implied. If a customer does business with your company, they provide implied consent to contact them for the next two years. Customers can also provide express written consent to contact them by text message. Your text messages must clearly identify the sender, and provide an opt-out option.

Top text message apps and services

There are many different text message apps and services that you can use for their business. Our best picks include:

4 Ways to Boost Your Balance Sheet

Posted: 27 Jan 2021 04:30 AM PST

Your balance sheet can be a treasure trove of information that helps you optimize cash flow and run your business more efficiently. It's also important to have your balance sheet in good shape if you want to borrow money or bring on investors. But you have to understand the components of a strong balance sheet before you can improve it.

What makes a strong balance sheet?

A balance sheet can be an effective forecasting tool because it gives you a look at the business's total assets, debts and shareholder equity at a moment in time. It plays a crucial role in your ability to land funding, whether through a loan or an investor. Here are the attributes of a strong balance sheet:

  • More assets than liabilities. A cornerstone of a strong balance sheet is having more assets than liabilities. After all, to run a business successfully, you need more money coming in than going out.

  • Positive net assets. Net assets are the value of your assets after you pay your obligations. If you have a lot of assets after everything is paid off, your balance sheet is in a strong position. Businesses with positive net assets tend to do better in economic downturns than business with low net-asset positions. Net assets are calculated using this formula: (total fixed assets + total current assets) - (total current liabilities + total long-term liabilities) = net assets.

  • Strong assets. Assets alone won't make your balance sheet healthy; they have to be active and valuable to count as positive contributions. You may have a lot of valuable inventory, but if you aren't moving it, it's not worth that much. A strong balance sheet often has assets that provide value now, not potentially later.

  • Healthy receivables. You can have all the sales in the world, but if you aren't getting paid in a timely manner, your business can still struggle. Debtors who are slow to pay their bills can really harm a business. Healthy receivables reflect positively on your balance sheet.

  • Good debt-to-equity ratio. This measures the amount of shareholder equity available to cover the business's debts. The lower the ratio, the better a company is positioned to weather an economic downturn. The debt-to-equity ratio is calculated by dividing the total liabilities by the total shareholder equity. Shareholder equity, also known as owners' equity, is the amount of money the business owner would get if the business assets were liquidated and all the debts were paid off.

3 ways to analyze a balance sheet

You can glean a ton of information about your business from your balance sheet. By understanding the different aspects, you can improve cash flow, paint a picture of your financial health and help determine if you can handle debt or investors. When you are analyzing your balance sheet, there are some key ratios to look at. They include the current ratio, the debt-to-equity-ratio and the working-capital ratio.

  1. Current ratio. Calculated by dividing current assets by current liabilities, the current ratio gives you a picture of how much cash you have to run operations. Strive for a current ratio of 1.5 or higher.

  2. Debt-to-equity ratio. Calculated by dividing total liabilities by shareholder equity, the debt-to-equity ratio shows how much money the business owner needs to cover debt obligations. To have a strong balance sheet, keep this ratio as low -as -possible.

  3. Working-capital ratio. This is calculated by dividing current assets by current liabilities. Most small businesses will want a positive working-capital ratio; if you have negative working capital, it means you don't have enough cash to bankroll operations and could signal it's time to cut costs or unload assets.

4 ways to strengthen your balance sheet

The balance sheet may not be top of mind for time-crunched small business owners, but strengthening it can go a long way toward improving cash flow and positioning the business for growth.

"A lot of small businesses just look at cash in and cash out," Ben Richmond, country manager at Xero, told business.com. "The balance sheet is important because it gives you the full preview of your business."

The more optimized your balance sheet is, the better off your business will be. If you need cash to chase growth, a strong balance sheet will open doors with lenders and investors. If you wonder if you have too much inventory on hand, take a look at your balance sheet.

There are strategies for optimizing your balance sheet and improving cash flow. Not all of them will fit your unique business, but here are four popular methods to consider:

1. Boost your debt-to-equity ratio.

The less debt and the more cash you have, the better off your business will be. To improve that part of your balance sheet, you need to bring in more sales that you can use to pay down debt, or you'll have to unload assets, such as office equipment or real estate property. Boosting your debt-to-equity ratio will strengthen your balance sheet, improve cash flow and put you in a position to pursue growth.

"If you get to a really low debt-to-equity ratio, you can use it to raise capital," Richmond said.

2. Reduce the money going out.

A cash-flow deficit will quickly spell a small business's demise, which is why reducing the money going out is an effective way to improve your balance sheet and bottom line. To optimize cash flow, Richmond said to map out different scenarios for the cash going out of the business, including the worst-case, best-case and likely scenarios. If your likely scenario looks a lot like the worst-case scenario, find ways to trim the cash going out, Richmond said.

3. Build up a cash reserve.

In addition to managing the cash going in and out, it's important to monitor the amount of cash held, said Val Steed, director of accountants at Zoho. That's the money a business builds up to use during emergencies or to take advantage of an unexpected opportunity. Without cash in reserve, you might need to scramble to secure financing quickly.

"My general rule of thumb is, until you build up your hold or protective balance, one-third goes back into operations, one-third is invested back into the business to improve growth and one-third is the hold," Steed said.

4. Manage accounts receivable.

A big challenge for all small business owners is making sure they get paid. The longer bills go unpaid, the more pressure it puts on cash flow. To improve the balance sheet and cash flow, focus on managing receivables, Steed said. That doesn't mean sending out a bill reminder email and leaving it at that. Nor does it mean asking your salesperson to try collecting the amount owed. Rather, it requires you to put a person in charge of collecting overdue bills using persistence, patience and politeness.

"Never put a salesperson back on a bad account," Steed said. "The salesperson stays in the good-guy role at all times."

The Essential Small Business Guide to Data Privacy

Posted: 25 Jan 2021 02:10 PM PST

Small businesses in the U.S. have big privacy obligations. The global data privacy regulatory ecosystem affects every small business that collects data from the people it interacts with. This includes businesses with a digital presence – like a website with a contact form – but also businesses that keep physical records. The web is complex and difficult to navigate; this article will untangle it for you.

What is data privacy?

Data privacy refers to how you gather and use the data you collect. It covers issues like:

●     Gaining consent from your customers to collect, use or sell their data

●     Giving proper notice to customers if your privacy practices change

●     Offering individuals rights to access and delete their data

Fundamentally, data privacy is the proper and responsible collection, creation, use, sharing, retention and disposal of information about people. It also includes decisions about when not to collect, not to create, not to share and not to permit certain uses of information to protect a person's privacy interests. 

Legal actions taken against small businesses relating to data privacy are often related to failures to respect a person's legitimate privacy interests. For instance, if a California consumer asks you to delete his or her data and you fail to do so, that would be a privacy violation. Similarly, if you sell the data you collect without proper notice and consent that is also a data privacy issue.

Legally speaking, data privacy is treated differently from data security. Data security refers to how you protect the data you've collected from unauthorized access and use. Any reference to data breaches, privacy breaches, hacks or ransomware are references to data security.

Despite this difference, both data security and data privacy have legal consequences if they aren't managed correctly. This guide will help your small business manage both data security and data privacy risk.

Does the U.S. have privacy laws for small businesses?

There isn't yet a comprehensive federal-level data privacy or security act (though, it is widely anticipated that the president-elect will prioritize enacting one). However, the Federal Trade Commission (FTC) may bring enforcement action to protect consumers against "unfair or deceptive acts or practices." Over the last 20 years, the FTC has used this power to bring enforcement actions against companies that fail to comply with published privacy promises, including failing to secure personal information.

In 2019, the FTC brought enforcement actions in more than 130 spam and spyware cases and 80 general privacy lawsuits. While the statistics for 2020 are yet to be published, 2020 was another big year in privacy enforcement for the FTC.

Thus, to avoid an FTC investigation, small businesses must:

  1. Live up to any promises they make to consumers regarding the collection, use and protection of their information, and;

  2. Maintain reasonable procedures to protect consumer information

In addition, small businesses in the U.S. are governed by piecemeal state and industry-specific legislation. Your small business data practices need to align with:

  • Laws that govern in the state(s) in which you operate

  • Industry-specific regulations (e.g., laws based on the types of data you collect or the type of individuals from whom you collect data)

  • Any laws in the geographic areas from where you collect data

Small business compliance with privacy laws in other states or countries

Most privacy laws act to protect anyone within a given geographical location. It doesn't matter whether your business is registered there. What matters is where your users are.

Many states are moving privacy bills through the legislative process. California, Maine and Nevada are the only three states with comprehensive data privacy laws in force at present.

Globally, the General Data Protection Regulation (GDPR) is the most well-known data privacy act, but it isn't the only one. In fact, more than 80 countries currently have data privacy laws in force. If your business collects data from anyone residing in those U.S. states or any other country with data privacy laws, you need to be aware of them, and you may need to comply with them.

Small business compliance with industry-specific privacy regulations

There are more stringent federal regulations for businesses that operate in certain industries or collect data from certain populations. The Health Insurance Portability and Accountability Act (HIPAA), for instance, creates standards for the protection of medical information. Meanwhile, the Children's Online Privacy Protection Act (COPPA) governs the collection of data from children under the age of 13. The Gramm-Leach-Bliley Act and the Fair Credit Reporting Act are financial privacy statutes that govern the use and protection of certain financial information.  

Some states have enacted their own corresponding state laws that may go beyond the federal regulations. It's not possible to outline all of the relevant laws within this article. We suggest you speak with a privacy expert to confirm whether your industry is subject to any specific state or federal laws.

Why should small businesses prioritize data privacy?

Beyond your legal obligations, there is a strong business case for embedding a culture of data privacy into your small business. Businesses that prioritize data privacy tend to have a competitive edge over those that do not. Other benefits of a strong culture of data privacy include:

●     Increased business agility

●     Informed business decisions

●     Fewer losses from data breaches

●     Better business reputation

●     Optimized data processing

●     More efficient operations

Whether your small business is obligated to comply with privacy regulations or you just want to access the benefits of a strong data privacy culture, here's how to achieve that:

Step 1: Your small business needs to understand the data it collects.

Understanding the data you collect is the first step any small business should take. Inventory your business devices, including computers, laptops, mobile devices, as well as all flash drives, disks, digital copiers, fax machines, and external data storage devices. Check for personal devices your staff may use for business purposes too. Afterward, review your physical records, including file cabinets, record storage facilities and address books.

During the inventory, take stock of the personal data you have from any person your business interacts with. This includes employees, suppliers, contractors, advisors, third-party providers and customers. Record what type of data you hold and where it's stored.

"Personal" data includes information like names, telephone numbers, credit card details, number plates, addresses, customer numbers, even details about a person's appearance. It's simplest to categorize the data you have under headers like these during your inventory.

Note that certain categories of data may be considered "sensitive" or "special" under certain statutes and may be subject to stricter obligations. For instance, biometric data is classified as "sensitive personal data" under the newly passed California Privacy Rights Act.

There's no point simply saying you collect "personal" information. You need to categorize the data at a more granular level to meet your obligations.

Step 2: Your small business must know what it does with the data it collects.

Data can be collected, transferred, processed, stored, accessed and/or sold. The data privacy laws that govern your small business will vary depending on what happens with the data you collect.

Consider this scenario: You operate a small but thriving jewelry business in the state of Washington. Your business is based on a digital storefront, and you have customers in the U.S. and Europe. To save time, you outsource your bookkeeping to a cost-effective bookkeeper in Estonia, and you ask a freelance writer in India to take care of your weekly marketing emails.

In this case, your bookkeeper may have access to the names and other personal details of your customers, suppliers, employees and more. Additionally, they may need access to financial information to process payments. Meanwhile, you may need to send (i.e., transfer) the freelancer a list of your email subscribers. They might then upload those details to a third-party email marketing platform, like Salesforce, based in California.

It's easy to see how quickly the data your small business collects can travel to various locales around the world. In the situation above, data may be stored in California, accessed and/or downloaded in India and Estonia, and may relate to persons from Nevada, Maine, California, and Europe. All these different locales have data privacy regulations. These may govern anything from how the personal data from persons residing there should be treated to how data should be secured to whether a data transfer is legal. 

It's also easy to see how data privacy hygiene can help your business make better decisions. In the case above, the cost-effective bookkeeper may be less cost-effective when the costs of privacy compliance are considered.

Know the laws in relevant jurisdictions

Wherever your personal data is coming from, stored or going to, you need to understand and comply with the relevant laws. The fastest and easiest way to manage this is to consult with a privacy attorney. This may seem like a burden, and it can be. But the costs of noncompliance are significant to your reputation and your bottom line.

Step 3: Your small business should protect the data it collects.

Beyond complying with the relevant laws when you collect and/or use data, you also have a legal obligation to keep it safe. Here are some privacy best practices for achieving this:

Start with a data minimization strategy.

The easiest method of protecting personal data from unauthorized access is for your business to not have it at all. Implement policies and processes for your business to routinely destroy information that's not essential for your operations.

Share as little personal data as possible.

Where you do need to provide any party with access to the data you've collected, provide as few details as possible. Personal data and records should be subject to access control measures so only the employees and third parties who need to view (or use) it can do so.

Create a cybersecure environment.

In 2019, 164.68 million sensitive records were exposed in the U.S. As cyberattacks grow more sophisticated and become more commonplace, your business needs to make cybersecurity a priority.

A cybersecure business environment takes advantage of robust technological measures and strong privacy practices to protect data. It's wise to consult with a cybersecurity advisor to work out what security measures your small business should be looking at. While cybersecurity can seem daunting as a small business owner, the solutions aren't as expensive as the consequences of a breach. As a starting point, here are 10 practical and cost-effective measures your small business can use to improve cybersecurity:

  1. Anti-malware programs

  2. Email encryption

  3. Encrypted data storage and backups

  4. Strong internal processes and policies

  5. Employee training

  6. Two-factor authentication requirements

  7. Secure Wi-Fi

  8. Https security certificates

  9. Regular software and hardware updates

  10. Firewalls

Step 4: Your small business should plan for a data breach.

Finally, you should have plans in place for a data breach or security incident, and you should routinely stress test them. Your plans need to cover both business continuity and addressing your legal obligations.

Again, your legal obligations vary depending on where your business operates and where those who you've collected from are located. All 50 states and Washington D.C. have regulations that govern the notification process following a business data breach. You should be aware of all your obligations, including the timelines for them. Ideally, you should have template notifications prepared before a data breach ever occurs.

Final words of advice

The global privacy ecosystem is complicated and growing every day. To reduce compliance costs today and into the future, the best thing a small business can do is to reduce the volume of personal information flowing through it. A less-is-more attitude toward data collection goes a long way. It doesn't exempt your business from compliance. On the compliance front, prevention is much better than a cure. Seeking qualified help will always be significantly less expensive than either an enforcement action or a data incident. 

No comments:

Post a Comment

No. 1 way to leverage the “Trump bump”

As you likely know, the "Trump bump" launched stocks to record highs after he secured his second reelection bid.  ͏  ͏  ͏  ͏  ͏  ͏...