Tags :Chief Privacy Officersdata privacyData Protection Bill
As the world moves towards a cloud-based future, securing your workplace and protecting company’s data is integral to maintaining business processes. At this junction, the role and responsibilities of the Chief Privacy Officers (CPOs) is arguably the toughest job in an enterprise. They are responsible for ensuring that their organizations follow appropriate procedures and documentation to comply with the increasing number of data privacy regulations. Most importantly, the CPOs are also the central authority for making privacy-based decisions and protecting the interests of a company’s customers.
Data is now the most important commodity for businesses. And due to the sheer number of privacy regulations and mandates, the CPOs therefore are under great obligation to interpret all these mandates and implement proper privacy programs for compliance. At times, companies overlook customer privacy, or they take certain superficial actions to only satisfy regulatory mandates. These measures may not be deep enough to actually help secure the consumer’s privacy. And even though privacy concerns are getting enough media coverage raising awareness and concern, very few people actually understand data privacy, consent, regulations, or their rights in depth.
For example, many cookie banners that appear to give website visitors control over their consent choices, do not offer sufficient consent options for data collection and use. And at times users’ behaviour too can obstruct the company’s plan to implement best practices for data privacy. Internet users and consumers reportedly have shorter attention spans and tend to skim rather than read policies in depth. However, consumers still demand companies to be transparent with their data management, putting the companies in a huge obligation of safekeeping the customer’s trust on them.
Data Privacy & Compliance Insights
Businesses place great value on the data they collect about their customers. Through this information, companies can send out targeted advertising, predict sales trends and improve their products. But consumers naturally see it differently. For many people, data collection is an invasion of their privacy and a practice that can easily be abused, leading to mistrust and suspicion of many businesses.
According to a KPMG survey, 62% of companies felt that they should protect customer data. A third of them said that consumers should be more concerned about how their company uses their data. At the same time, 29% admitted that their company has sometimes used unethical means to collect private data.
Consumers aren’t just fearful about the practice of collecting data; they are worried about how their data may be compromised or sold to other parties. This split between business and consumer sentiment is not new. The situation is made far worse when the media reports ransomware attacks, leading to leaks of data to third parties and cyber criminals. Such incidents can make a serious dent on the company’s repute. This scenario shows that businesses have a long way to go to make the public more comfortable with collecting, using and safeguarding data.
Data privacy is now being regarded as a constitutional right in many countries, even in India. We have seen an increase in the public debate and consumer awareness around data privacy in recent times.
For many years, protecting consumers’ privacy was about putting fences around online experiences and consumers’ data to keep them “safe.” In today’s reality, this old notion of privacy has died, as consumers are getting too much value online to be limiting themselves for the sake of their “privacy.” This is why the time has come to rethink privacy and instead focus on data ownership.
Data Protection Tip
The need for pervasive data access has dramatically increased over the last 18 months. The workforce has now shifted to remote work during the pandemic. Their need to access business applications and data has accelerated their companies’ move to the cloud. These major shifts in the way companies do business mean data flows everywhere, which means data protection must be everywhere. Companies that allow users to log into cloud services and access unprotected data no longer face the question of – if they will have data stolen, but when-and when may already be in the past.
Here are four tips to consider regarding data protection in the age of remote work, pervasive cloud, and frequent breaches:
- Assume unprotected data is vulnerable, everywhere, and always
- Protect everything, while prioritizing the most important ones
- Preserve the ability to analyze data in its protected form
- Ensure your provider’s protection is independently validated
Data is undoubtedly the bloodline for current businesses and it will gain more and more precedence going forward, with data-centric technologies such as Artificial Intelligence and Machine Learning coming into the picture. Hence, it is understandable that data protection should be of utmost priority for organizations. Data protection assurance will be one of the most basic service standards companies must provide in order to earn and retain customers for a long time.
(The author is CEO, Crayon Software Experts India and the views expressed in this article are his own)