Making entries and form-filling in record books are two of the most prevalent methods used by organisations to collect personal data from people. There are several collection points where such activities can occur:
- When a contractor or service fills their personal contact information in the contractors’ or visitors’ record book at the reception counter of an office building or the security guard post of a condominium.
- When prospective buyers visit a show flat during a property launch and a salesperson helps them fill out an expression-of-interest form.
- When prospects meet face-to-face with financial planning advisors who help them fill out know-your-client forms.
- When individuals submit application forms at the counter of a service provider.
- When job seekers submit their job application forms to organisations.
- When shoppers drop lucky draw forms in the drop-in slots or boxes at shopping centres.
- When new patients register themselves at doctors’ clinics.
Visitors’ Record Book
A visitors’ record book typically comes with column headings of the information requested. There are also horizontal ruled lines for visitors to fill in. When filling in your personal details in the record book, it is likely that you will also notice the details of the people who signed before you.
If the earlier visitors are celebrities or VIPs who don’t want their movements to be known, there is definitely a compromise of their personal privacy. A few measures organisations can make to keep leakage to a minimum include:
- Having individual forms for visitors (one for for each visitor)
- Use an electronic device for visitors to fill in their personal contact information (one screen for each visitor). It is also recommended to shield the screen from other visitors that are queueing behind. You need to also ensure that the current visitor cannot use the back arrow to look at previous entries.
To know more about data protection operations, it would be a good idea to check data protection and information security courses offered by Data Protection Excellence (DPEX) Network. The more you know about data protection operations, the more you will be able to protect the personal data in your care.
Face-to-Face Gathering of Information
At face-to-face meetings between financial planning advisors or real-estate salespersons and their clients, the former will often ask clients a series of personal questions to better understand their needs better. Enclosed rooms where no one can eavesdrop on the conversion are considered the ideal place for similar discussions.
In cases where it is not possible to use enclosed rooms, the following precautionary measures should be observed:
- Ensure the discussion area is as far away from the primary flow of human traffic as possible.
- Ensure the notes about clients cannot be viewed by anyone around.
Drop-in Slot or Box
Several shopping centres have drop-in slots or drop-in boxes for shoppers to drop in their lucky draw forms. As expected the lucky forms will contain their detailed personal contact information.
The following are some of the precautionary measures shopping centre management can adopt to prevent the personal data of shoppers from getting compromised:
- Drop-in boxes should not have a transparent or clear exterior so it’s not possible for anyone to take a peek inside and view the personal information of shoppers.
- Drop-in slots should be narrow and one-way so no hand can go in and take out any draw forms.
Moral of the Story
It’s easy for organisations to collect personal data. However, respecting the privacy of individuals during the data collection process and taking precautionary measures are things that have to be developed among staff in organisations.
