What is personally identifiable information?
The first step to protecting personally identifiable information is knowing what types of information need to be protected. Personally identifiable information can include:
- Names (if not common)
- Email addresses and telephone numbers (if private)
- Usernames and passwords
- Identification numbers
- Credit card numbers
- Birthdates and places
You need to make sure you are taking the appropriate steps to secure this data.
Who should collect and store the data?
Use a trusted, PCI compliant vendor for your registration forms. PCI compliant vendors have to adhere to strict security protocols for collecting and storing personal information. Choosing a PCI compliant vendor will go a long way towards ensuring the safety of your registrants’ information.
How do you plan to use the data?
You should be prepared to explain why you need the data you are collecting. Only collect as much personal information as you will need for your event. Asking for too much information can make registrants uncomfortable and unwilling to participate. Put everyone at ease—only ask for what you need.
Who will have access to the data?
Is the information you collect just for your needs or do you plan to also give attendee information to your sponsors and exhibitors? If you plan to give exhibitors/sponsors access to any of your data, it is best to ask permission first. Give attendees the option to decline participation in contact lists. If they do participate, let them choose how much of their information is shared.
How will you approach privacy onsite?
Social media sharing is popular at events. You can encourage your attendees to participate in social media while still respecting everyone’s rights to privacy. Have different colored lanyards or badges available for attendees who do not wish to be photographed. Post signs outside of sessions that contain any information that should not be shared online. It is possible to create an atmosphere that encourages engagement without violating anyone’s trust.