ResourceCenter

All the privacy tools and information you need in one easy-to-find place

Small- and Medium-Sized Businesses

Small- and Medium-Sized Businesses Topic Page

Often, a privacy and data protection “team” in a small organization means one individual, who may have other responsibilities, doing their best to follow the laws, and implement policies and practices that protect consumer and employee privacy. Particularly in the digital age, following the laws of all the jurisdictions in which a small business operates can be a complex undertaking.

The IAPP understands these people need all the help they can get. This topic page aims to help with tools, tips and guidance. The IAPP Resource Center has additional topic pages that can provide useful resources for small- and medium-sized businesses, including Workplace Privacy, Crafting a Privacy Notice and Organizational Privacy Policies.

Featured Resources

Back to top

How machine learning can help small businesses deal with data privacy compliance

From understanding applicable regulations to balancing customer experience and data collection, it’s not easy for smaller companies to complete all compliance measures within budget and expectations. This article covers how automation tools and solutions can help simplify compliance
Read More

Questions for small businesses in the APRA

This article discusses the impact of the draft American Privacy Rights Act on small businesses.
Read More

Privacy fatigue and how to combat it

This article explains how a well-developed strategy can help privacy professionals combat organizational privacy fatigue.
Read More

How to facilitate privacy in smaller companies

Early-stage startups may not realize the possible consequences of not having a privacy program. This article provides helpful methods on how to begin implementing a proactive privacy program with an early stage startup.
Read More

Looking at how our small business uses data: A GDPR perspective

This article analyzes how a small business excavated the personal data it collects to better understand how to comply, created a checklist of things to consider, and gained insight into managing customer consent.
Read More

ARTICLE SERIES

Starting Up Privacy at a Startup

This article addresses starting a privacy program at a startup, with observations provided on the differences and similarities between privacy programs and roles at a large multinational versus a small tech start-up.
Read More

Back to top

Additional News and Resources

Study shows data breach impacts on US SMEs

State AGs and Privacy in 2023: What Your Business Needs to Know

WEB CONFERENCE

ICO publishes guide for small businesses to respond to data protection complaints

Report: 67% of small US businesses don’t have incident response plan

Tech vendor looks to fill market gap by targeting SMEs

Small business guide to data protection

Vaccine credential systems: Considerations for US employers

SMEs speak out against Apple’s ad-tracking changes

3 benefits for businesses to adopt PDS

Privacy Shield invalidation poses problems for SMEs

What US companies without EU assets should know about business contracts

Study: 10% of SMEs are GDPR compliant

Cisco Report: Small Business Cybersecurity Report

8 Cyber Security Best Practices For Your Small To Medium-Size Business

Data Protection law compliance: Assessment for small business owners and sole traders

Study finds small businesses struggling with cyberattacks

How Privacy Awareness Builds Trust

WHITE PAPER

How startups can beat breaches on a budget

Back to top