On Data Privacy Week, Tech Industry Leaders Bat for Awareness About Privacy & Policies Supporting It
“Every year January 28th is celebrated as Data Privacy Day across the world and since 2021, the 22nd to 28th of January is observed as Data Privacy Week. Initially started by the Council of Europe in 2007, more than 50 countries across the world now observe Data Privacy Day and showcase for an entire week why Data Privacy is of paramount importance. This is a week where an international effort is made to create awareness about the importance of respecting privacy, safeguarding data and enabling trust. Every year, experts chose a theme to increase awareness around a particular section of data privacy and this year the theme is ‘Protecting Personal Data at Home and Work’.
The reason we are emphasizing data privacy is because our dependency on technology has increased at an unprecedented rate. This is especially true post-pandemic when almost all sectors have moved towards more digital-friendly, tech-savvy platforms and environments. Although we live in an increasingly digital world, most of us give little thought to data privacy until after our personal data has been compromised. With the number of endpoints increasing stupendously and our interaction with them, the risk of a data breach also increases. And with 4.66 billion people in the world who are active internet users, there is an incalculable amount of unsecured data waiting to be stolen. We need to understand that data privacy and security are two different concepts. Data privacy doesn’t just stop with us safeguarding our passwords and personal information. It is got more to do with what measures we take to protect our information. This time can be used to educate our families, employees and the public in general, conduct workshops and point towards plenty of articles online on how to keep the data private and hope the measures work,” Rajesh Thadhani, Executive Director – Digital Transformation & Services at Crayon Software Experts India.
“Data privacy is a much-talked-about subject in the present day as there is an imminent threat to it. Data privacy violations have become rampant today when excessive data sharing has been taking place knowingly and unknowingly. There is a dire need to extensively create awareness of the differences and understanding between data privacy, protection and security. This is essentially where the organizations and experts are failing. The Data Privacy Week from January 22nd to 28th and the Data Privacy Day on January 28th are created for the solemn reason of spreading the message about data privacy with the theme. And this year’s theme with tech advancement is right on point ‘Protecting Personal Data at Home and Work’
As BYOD is being given a higher preference across verticals and the number of devices that have amplified data privacy has become a myth. The data stolen or those shared without much scrutiny with even basic mobile applications have huge demand over the dark web as these data help the market to analyze and create a customized target map. Strict laws are needed and users are in need of detailed education on data privacy. While sometimes the breach of data privacy results in unsolicited calls from companies it can also take a dangerous turn causing identity theft, losing money and manipulation of the system – public or private. Keeping these aspects in mind it would be best for people to keep their systems and gadgets work or personal to be used with precaution and for any data sharing to be done with a thorough understanding of the risks. While one cannot escape data sharing during this digital time, data privacy with the right understanding and measures can definitely be achieved, especially with awareness being created around the same,” Prabhu, COO at TechnoBind Solutions.
“With cyber threats becoming increasingly sophisticated, businesses, people and communities at large are highly exposed to malicious attacks. Ransomware and data theft have been a persistent issue through the years globally as well as in India. Dell Technologies 2022 Global Breakthrough Report brought to light some concerning facts — 74% Indian business saw loss of mission critical data due to a cybersecurity incident and almost 40% of the workforce admitted to not having improved their data management knowledge after a serious attack — underlining that cybersecurity cannot be an afterthought anymore.
Data Privacy Day serves as a reminder to us all to treat our critical data with gravity. Organizations need to shift their focus to a more proactive security strategy, catering to data needs at the perimeter and also securing the supply chain. The realization is sinking in that the time to #FortifyYourSecurity is now. In the coming years, a Zero Trust mindset will define modern data security protocols further helping us shape data privacy values. The need of the hour is to develop a more holistic approach towards developing robust cyber security and data protection strategies. Even the smallest of efforts like choosing a VPN, conducting a password audit and investing in the correct infrastructure solutions, will go a long way in protecting crucial data. Afterall, Data Privacy is not about complicated measures, it’s about efficiency”- : Mr. Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies India
“Data, both business specific, as well as personal data of stakeholders, is the backbone of any organization. Safeguarding the privacy of our stakeholders by safeguarding their personal data is a key focus area and is achieved by a data privacy strategy that is holistic, proactive and risk-based. Risk management measures are built not by retro-fitting, but proactively, into the design of processes and technology throughout the end-to-end lifecycle of the data flow.
At BGSW, we follow a holistic approach to safeguarding the data of the stakeholders. Our people sensitization measures, business processes, and technological systems are designed around internationally accepted standards and principles of data protection and information security. Every element of the IT infrastructure, right from the perimeter to the core database, plays a pivotal role. Designing each element carefully and keeping each element updated in terms of vulnerability management, plays a key role in the overall scheme of things.” – Vindhya Vishwanath Kudva, Data Protection, and Information Security Officer, Bosch Global Software Technologies (BGSW)
“Following the COVID-19 pandemic, the edtech industry has seen massive growth across all levels of education. While the transition to digital applications ensured that students suffered the least, the shift came with its own set of challenges. While, on the one hand, data privacy becomes a crucial challenge for everyone, it is amplified with respect to the data of children. Phishing, improper digital socialization, and a lack of digital parenting are the riskiest factors threatening data privacy. Therefore, it is imperative for the entire edtech ecosystem to identify the problem at its root to eliminate it entirely. To safeguard the digital interests of their learners, parents, and teachers, and protect their curriculum data, industry players can begin by obtaining consent from the learners’ guardians and complying with legal obligations.
Learner delight must include conforming to the security and privacy of Learner Data along with guardian and teacher, with end-to-end experiences in perspective; and must protect the Parent/Teacher preferences allowed as appropriate.” – Anil Kommineni, CTO, Infinity Learn by Sri Chaitanya
“A robust IT infrastructure is the foundation of a successful business – and data privacy relies on that as well. The hardware and software components – facilities, data centers, servers, routers, CMS, CRM, ERP,- serve as the foundation upon which defenses and protections can be put in place to protect data and help a company comply with various, ever-changing data protection laws. ● Organizations must realize that security and privacy aren’t just a priority – they are a necessity. Security and privacy needs to be built into everything the organization does: ensuring privacy by design across the entire organization and its products; ensuring access controls are advanced and up to date; taking precautions to always reduce the risk of improper access; making sure all sensitive data is encrypted, whether at rest or in transit. Additionally, organizations should take care to continuously educate themselves and every single employee – for instance, how to properly handle data both business information about Celonis as well as our customer’s data that we are responsible for – to be certain everyone is part of privacy and security efforts, and sees themselves as stewards to help protect the company and customers. At Celonis, we have mandatory privacy training courses every employee must do. A dedicated internal Data Privacy Team maintains and further develops the Celonis Privacy Program. How the privacy program will be managed in the long term as well as who will manage it, are questions that should be considered from the very beginning.” – Ms. Anitha S. George, the Vice President and India Head, Celonis
“A total of 5.07 billion people around the world use the internet today, as internet users continue to grow there is still education and work to be done in the realm of data protection. How data is created, shared, processed, and stored today, or the volume of personal data that exists for virtually every human being on earth, there simply cannot be any data privacy without good data security.
The goal of Data Privacy Day is twofold – every user should understand that they have the right and power to protect and manage their personal data, while organizations understand why it is important to protect and safeguard their customers data and Personally Identifiable Information (PII).
Data Privacy Day is a reminder to every organization that accesses personal data to evaluate its IT security infrastructure. IT security solutions should be able to effectively communicate, regardless of where they have been deployed, to optimally protect data and provide network-wide visibility. The network must also include sophisticated data protection measures such as threat prevention and detection, pseudonymization of PII, and internal segmentation to isolate attacks and track customer data.
Every organization must have a documented and tested data breach response plan to be prepared for existing data privacy regulations or others on the near horizon.” – Vishak Raman, Vice President of Sales, India, SAARC and southeast Asia at Fortinet.
“Data privacy is crucial when it comes to the healthcare sector. As per the HIPAA Healthcare Data Breach Statistics, the global healthcare industry has reported 5150 “breaches” to the HHS Office of Civil Rights since October 2009. The average cost is estimated at $4.35 million per breach. At Indium, we consider every data as HUMAN, meaning as if we handle Patients and not just their Data. In line with this we ensure the data is end-to-end encrypted and patients records are accessed through use of a VPN connection. We have built an automated ML solution for PII/PHI data redaction and deidentification. We ensure our healthcare engagements follow HIPAA and GDPR control measures. As part of our best practices, we have mandated healthcare data privacy and HIPAA training for all associates. We maintain a “Zero Tolerance” policy on handling any patient record outside the client-secured environment”.- Kodeeswaran Natarajan, Vice President – Healthcare Practice, Indium Software