Target Corp. and other large retailers have made the news due to data breaches, but businesses of all sizes need to make sure they have up-to-date policies and procedures to protect private data, says an Iowa privacy expert. 

Rebecca Herold runs two businesses - The Privacy Professor and Compliance Helper - both of which help companies deal with privacy issues. She is also an advocate of today's Data Privacy Day in Iowa, as declared by Gov. Terry Branstad.


The breaches at Target highlight how important it is for organizations to know how secure their networks are, said Herold. She suggests four measures businesses should take to ensure their data stays private.

  • One obvious way is to make sure your business' security software is up to date and working "to make sure you don't leave holes in your technology," Herold said.
  • Do you have policies and procedures in place for how employees interact with the business' server and network? Such measures include making sure employees have strong passwords for their computers and other devices, keeping their machines updated with the latest anti-malware protection and providing them with general awareness on things to watch out for, such as phishing messages (scams that ask people to give out personal information or prompt a person to click on a link that will infect their computer with malware).
  • Make sure that employees have safeguards on the personal devices they use to connect to the company's network.
  • Don't forget security measures for paper records. Herold said she's seen security breaches occur because people don't shred documents before throwing them away. She's even seen parents donate scrap paper to their children's schools with sensitive information on the back.

Click here to see an infographic that Herold put together to demonstrate common, everyday ways that people give away their private information.