Get All Access for $5/mo

A Seven-Step Guide to Protecting Customer Privacy By following these tips, small businesses can create a privacy plan that boosts customer trust -- and sales.

By Riva Richmond

Opinions expressed by Entrepreneur contributors are their own.

Protecting Customer PrivacyThink protecting customer privacy is only an issue for business giants like Facebook and Sony? Think again.

Many small companies have lost customer trust or even been sued over privacy mishaps in recent years. And they're likely to face more problems as digital data files grow in size and importance to modern business.

You are legally, if not morally, obligated to treat your customers' private personal data respectfully and fairly. But protecting customer privacy need not be a drain on your company. Done wisely, it can create customer goodwill and even lift sales, while reducing business and legal risks.

Such a strategy involves more than securing a network from hackers and posting a boilerplate privacy policy. Here are seven steps that can help you build a comprehensive and effective privacy plan:

1. Conduct a data privacy audit.
Step one is to understand what data your business needs, what data it's collecting and how data is being stored and secured. Consider also your legal obligations if you handle medical, financial or minors' data.

Businesses sometimes collect more data than they realize because they've used third-party software code that does so automatically or because a partner, such as an advertising network or analytics company, is pulling data.

Related: Three Tips for Using Public Wi-Fi Safely

Lack of attention to this data collection is what often sparks a crisis, says Jules Polonetsky, director of the Future of Privacy Forum, a Washington, D.C., think tank. But you can avoid trouble by making sure someone in your organization is responsible for data privacy, be it a full-fledged chief privacy officer or simply the marketing director.

"No one ends up knowing what is collected and kept from beginning to end unless someone is in charge of that," Polonetsky says. "Someone needs to be accountable."

2. Minimize data collection and retention.
What you don't have can't hurt you. Privacy advocates recommend that companies collect and store only data they need to deliver their product or service. Sometimes businesses gather extra information because they think they might want it in the future. But doing so increases risk. Data can be lost or stolen by hackers, and customers can mutiny if they feel you're asking unnecessarily intrusive questions.

3. Secure the data you keep.
Even if you don't take credit card numbers, other personal data you keep could be valuable to identity fraudsters. It's embarrassing, not to mention costly and damaging, to tell customers their personal information has been compromised in a hack. And such disclosure is often legally required. So be sure you have secured your network, databases and website.

Related: What to Do If Your Business Gets Hacked

4. Post a privacy policy.
Commercial website owners are required by law to post a privacy policy. And most app platforms also require one if your app transmits data. It isn't enough to cut and paste a boilerplate policy. Regulators consider privacy policies legally binding agreements between you and your customers. You should describe your current business practices fully and accurately.

Fortunately, there are online tools that can help you create a privacy policy. PrivacyChoice, for instance, offers a free online tool called Policymaker to help develop policies for mobile apps and websites, as well as consulting services for a fee. Another option is TRUSTe's Privacy Policy Generator, and packages of related services ($499 and $995 a year).

5. Communicate with customers.
A privacy policy is a legal document that customers rarely read. But they do expect simple and clear descriptions of company data practices at key moments, such as when they're asked to provide data and when you add new features to a product or service or make policy changes.

Privacy advocates and industry groups such as the Online Trust Alliance recommend direct and upfront communication with customers about data you collect and your plans for using it. That's especially important for small companies without recognized brands that people know and trust. Most consumers will happily supply personal data necessary for a service they want. For instance, Amazon.com keeps purchase data and uses it to deliver product recommendations that millions of customers embrace.

Related: What Technologies Banks Should Be Using to Keep Your Money Safe

6. Give consumers a choice.
Recent research suggests customers expect settings and features that let them choose whether to share data, not sweet words about your respect for their privacy, Polonetsky says. They want to see signs that businesses are "serving" them, not "selling" them.

7. Provide a forum for complaints.
Give customers an online form or email address for communicating their privacy problems or concerns. And be sure to respond to their messages. Such two-way communication can help build trust and loyalty -- and help avoid potential privacy crises.

"Don't think you're too small to be noticed in this world of savvy critics," Polonetsky says. "One aggrieved customer on Twitter … can send the most minor complaint viral."

Riva Richmond is a freelance journalist who has covered technology for more than a decade. She focuses on computer security, privacy, social networking and online business and has written for The New York Times, The Wall Street Journal and other national publications. Previously, Riva was a technology reporter at Dow Jones Newswires and regular contributor to The Journal's "Enterprise" small business column.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Starting a Business

He Started a Business That Surpassed $100 Million in Under 3 Years: 'Consistent Revenue Right Out of the Gate'

Ryan Close, founder and CEO of Bartesian, had run a few small businesses on the side — but none of them excited him as much as the idea for a home cocktail machine.

Franchise

The Top 10 Coffee Franchises in 2024

From a classic cup of joe to a creamy latte, grab your favorite mug and get ready to brew up success with the best coffee franchises.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

'Jaw-Dropping Performance in 2024,' Says a Senior Analyst as Nvidia Reports Earnings

Nvidia reported its highly-anticipated third-quarter earnings on Wednesday.

Marketing

How Small Businesses Can Leverage Dark Social to Drive Word-of-Mouth Marketing

Dark social accounts for 70% of social media shares and is crucial for small businesses. Here's how you can tap into this hidden marketing opportunity.