Data or information privacy is the practice of protecting data through its life wherever it lives or wherever it is sent, to assure the owner of that data that only permitted actors can access it.
Privacy policies and practices should cover the entire lifecycle of the data — including up to the point of deletion.
What is it?
The actions taken to ensure data is only accessible by those granted explicit permission.
Data flows everywhere, and much information is collected, stored and dispersed inside and outside of the enterprise. With highly publicized leaks of often private and personal data, the risks for business owners and consumers have never been higher. Safeguarding data privacy should be a first-class concern for everyone involved.
Due to the increase in data-related crime, we’ve seen the rise of cyber-security specialization to prevent criminals from obtaining sensitive information. This is a global problem with sovereign states sometimes acting as an aggressor, causing some jurisdictions to pass laws such as GDPR that extend previous pre-internet privacy laws to protect citizens and prevent data misuse.
What’s in for you?
Being trusted with personal data is simply table stakes for today’s enterprise. Consumers are highly aware of data breaches and unafraid to switch to a competitor if they don’t feel a company can be trusted to safeguard their personal information.
Demonstrating a robust approach to data privacy will also lessen regulatory risks. Regulators are increasingly willing to fine those that don’t meet expected standards.
However, there is evidence that they are choosing brands that ‘feel’ safer. The feeling of trust translated directly into the brand strength.
What are the trade offs?
Many companies’ technology estates have grown unwieldy, and protecting data through all its life can be challenging.
When faced with attempting to comply with regulations such as GDPR or PCI-DS, many organizations have discovered that historical design decisions hamper their efforts to change. The requirements are so far-reaching that upgrading a system to be secure is exceptionally challenging.
How is it being used?
Data privacy has typically been seen as a compliance issue, rather than a source of brand value. Indeed, regulators across the globe are showing an increased appetite to issue fines for breaches of privacy.
Some enterprises are beginning to see data privacy as a source of competitive advantage — building brand value by being seen as trustworthy. Naturally, any company that sets themselves up as a paragon of virtue has to ensure they can live up to those standards.