By: Linda Coniglio, Information Governance and Privacy Specialist, CIPP/US
When British mathematician Clive Humby coined the quote “Data is the New Oil” back in 2006, he surely couldn’t have imagined just how data driven businesses would become over the next 15 years, nor could he probably imagine just how voluminous data would become in the world or how many new sources of data there would become for organizations to manage.
Back then, cell phones were primarily confined to making calls and not the smartphones of today (for example, the first Apple iPhone wasn’t released until the following year). MySpace was the most popular social media site at that time, as Facebook and Twitter were just launched that year. In addition, while the concept of Internet of Things (IoT) devices existed back then, many of the most popular IoT devices (including wearables, such as Fitbits and Apple Watches) of today were still a decade or more away from being introduced.
Now, we live in the era of Big Data and, according to estimates, the volume of business data worldwide, across all companies, doubles every 1.2 years. Unlike oil, which is a precious resource of limited availability, data is voluminous – in fact, organizations are drowning in data, and many have unwittingly become data hoarders. But when it comes to protecting those resources, the challenges associated with governing all that data, with the ever-changing data privacy landscape and with cybersecurity threats and potential data breaches have made the stakes.
just as high – if not even higher – when it comes to protecting your organization’s data. The risks associated with data privacy compliance have never been greater.
Just as an unintentional spill of oil can be an economic (and environmental) disaster for oil companies, an unintentional “spill” of personal data for individuals can be an economic (and public relations) disaster for a company involved in the release of that data (whether by accident or by being hacked by cybercriminals).
An effective Privacy Compliance Program can enable your organization to address the risks associated with data privacy compliance, providing the ability to adapt to the ever-changing data privacy landscape, while applying best practices to effectively govern information and respond to cyber threats.
This whitepaper will discuss the challenges that organizations face today, the benefits of a Privacy Compliance Program to address those challenges and what components are needed to implement and maintain one.
The Ever-Changing Data Privacy Landscape
In 1849, French writer Jean-Baptiste Alphonse Karr wrote the phrase “plus ça change, plus c’est la même chose”. Translated, that means: “the more things change, the more they stay the same”. That is certainly true when it comes to the ever-changing data privacy landscape that many organizations face today. With the amount of personal data online,
countries all over the world, including the US, have strengthened their emphasis on protecting personal data considerably and new data privacy laws are being enacted every year in various countries and US states to enforce data privacy.
However, each data privacy law is unique, with different requirements for protecting personal data, requiring continual adjustment by organizations
to stay compliant with data privacy laws in Europe, the US and around the world. In this section, we will look at recent enacted data privacy legislation for organizations to address, discuss data transfer, protection and notification requirements, consider potential future developments in the data privacy landscape and important resources to keep track of developments.
The full white paper covers:
- recent enacted legislation
- data transfer, protection, and notification
- privacy resources
- increasing data privacy risks with organizations
- cybersecurity trends and challenges
- benefits of a privacy compliance program
- components of an effective privacy compliance program