Stephanie Webb of Wasabi and Steve Millendorf of Foley & Larder LLP shared key privacy tips and solutions for startups at all stages of growth as part of the livestream for startup founders series hosted by 4thly and Foley and moderated by Bret Waters.
For startups today, there is a labyrinth of privacy regulations to comply with – and the consequences of being out of compliance can be expensive. Key takeaways were:
- “Design-in” compliance with privacy into the product roadmap from inception – it pays
- Spend time understanding the product or service you’re offering. Work the engineers and customer facing people to find out what kinds of data your company is collecting, where that data is going, and who has access to it.
- Focus on minimization and transparency. Minimize the amount of data you’re collecting if you can, and minimize who has access to it. Be transparent with your employees and your customers about what data you’re collecting and what you’re doing with it.
- As a startup, you’re developing a product, so make sure your product isn’t at risk of industry espionage.
- Understand where your information is, know how to access it, and know how to delete it.
- Consider your target customer. If you’re only going after U.S. customers, that requires a different sort of privacy and security program. If you’re expanding or planning to expand to Europe, the United Kingdom, China, Brazil, or other jurisdictions, get your privacy and security programs in place early. Take into account whether you’ll need to be CRPA, GDPR or CDPR compliant, whether you’re ISO certified, and how you’ll meet various state, federal and foreign regulations for your industry.