The Difference between Security and Privacy and Why It Matters to Your Program
In today’s digital era, technical teams and IT professionals are not the only ones who need to worry about cybersecurity. The reality is that security, safety, and privacy are issues that everyone needs to understand, especially those who work in communications. In this post, we explain the difference between security and privacy, and why they are important to you, your organization, and the clients you serve.
What is the Difference between Security and Privacy?
Security is about the safeguarding of data, whereas privacy is about the safeguarding of user identity. The specific differences, however, are more complex, and there can certainly be areas of overlap between the two.
Security refers to protection against the unauthorized access of data. We put security controls in place to limit who can access the information.
Privacy is harder to define, in part because user-specific details can also be secure data. In the coming month, we will have a blog with more information on Personally Identifiable Information (PII).
For example, hospital and clinic staff use secure systems to communicate with patients about their health, instead of sending information via personal email accounts. This type of data transmission is an example of security. On the other hand, privacy provisions, might limit patient health record access to specific hospital staff members, such as doctors, nurses, and medical assistants. Privacy might also stipulate when users can access specific information (i.e. business hours only).
A recent studyExit Disclaimer focused on the security and confidentiality practices of over 300 HIV outpatient clinics in Vietnam. The study found that “most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement.”
The Importance of Security
Although concepts of security and privacy are tangled, we know that it is possible to have security without privacy, but impossible to have privacy without security.
As technology advances, and use of technology increases, we become more and more dependent on it. Our dependence, however, makes us more vulnerable to security threats such as identity theft and email hacks.
Information systems and the data they contain have been compromised because of inadequate security. The resulting loss of data can have meaningful consequences to individuals whose data is stored on these systems.
Unfortunately, security breaches are so common that they are almost statistically inevitable. According to a 2017 cybercrime reportExit Disclaimer, “over 2 billion personal records were stolen and in the U.S. alone over 100 million Americans had their medical records stolen” in 2016. Those stats strongly indicate the need for beefed up cybersecurity.
Ensuring Users Feel Safe
Beyond the technical issues, your visitors should understand what they can expect from your website and digital communication channels. Because finding HIV information can be a very personal experience for the user, it’s important for those users to have - and know that they have - a safe environment.
There is increased demand, as emphasized by Silicon Valley, for us to roll out new functionality and advance the user experience. Now more than ever, those of us in health communication must acknowledge the need to innovate while we also maintain the security and privacy of our users.