Everyone’s worried about protecting their personal data, and for good reason. Consumers expose sensitive information that enterprise organizations are collecting, whether it’s for gaining access to information/content, signing up to do online shopping transactions, switching insurance or medical policies -- the list goes on.
The scary part is that the personal data is often passed on to other parties, and who knows how they’re safeguarding that information. But as we all know, businesses are now on the hook for huge penalties if they don’t comply with recent regulations put into place (or coming up soon) to protect their customers. It’s time to pay attention.
The InformationWeek team covers data privacy extensively, and so we’ve created a short but comprehensive guide to answer the common questions we hear in the field:
- What are the compliance regulations, and why should companies care?
- How are companies creating their own policies, and what are the best practices?
- Are there tools that can help companies protect their customers’ data privacy?
- What about specifics in applying policy to AI and other technologies?
- Which industries are most affected?
Check out this collection of articles, and more from InformationWeek on other topics such as IT management, careers, big data, DevOps and cloud.
The General Data Protection Regulation was designed with the goal of providing more protection for individuals. Now, enterprise organizations need to understand which U.S. sales and marketing practices are allowed under GDPR, and which are not.
GDPR applies to any company that holds personal data of individuals residing within the EU, and failure to comply with GDPR could cost companies up to €20M or 4% of annual global turnover. According to a PwC survey, more than 40% of companies, including American companies with a data presence in the EU, spent over $10 million preparing to comply with GDPR, but according to an April 2019 study, only 27% of U.S. companies are fully compliant.
Google's appeal of its GDPR fine over data privacy and transparency just may illuminate the best way forward for enterprise IT.
In 2020, California is set to enact the most stringent data privacy law in America, known as the California Consumer Privacy Act (CCPA). The CCPA is robust — covering many of the concerns people have regarding data privacy. The larger issue is the very real (and scary) possibility of all 50 states enacting their own versions of such a law. Now that should keep the C-suite up at night.
The GDPR in Europe has already altered how companies collect, track, use, and store personal data. Now, the US is getting ready for the California Consumer Privacy Act (CCPA), which comes into effect on January 1, 2020. The CCPA will give Californians the right to request that companies delete their personal data, know whether it is being shared and the categories of companies it is shared with, and “opt-out” of having their data sold to third parties.
A new encryption-focused law in Australia highlights the need for all parties to come together to identify a solution that protects privacy, e-commerce, and people and institutions.
Company privacy policies and best practices:
In a post-GDPR world, IT and business leaders face unprecedented pressure to demonstrate they are responsible data stewards. Here are six steps that might help.
New privacy rules are coming. Is your organization ready? Data privacy, once primarily a concern for finance and healthcare, is rapidly becoming a priority for nearly all types of organizations, particularly those that collect personal information for marketing analysis.
Data privacy has received a lot of attention over the past few years. From high-profile data leaks at Facebook to ongoing concerns about data privacy at Facebook and efforts by governments to give consumers more power to control their own data, the issue of data privacy is top of mind for consumers, governments, and businesses.
If you want customers to be loyal to your company or to your brand, you need to protect their data and treat it with respect.
Burned by past abuses, consumers are guarding their data with an iron fist. You can win back their confidence and gain the insights that provide targeted services. Here’s how.
In an age when "data is the new oil," fueling innovation and growth, enterprises face all kinds of new challenges when it comes to handling consumer data. Should they follow the regulations from the strictest jurisdiction where they do business, or should they run multiple parallel programs? How do they handle a breach? What must be disclosed in their terms of service?
Privacy and technology:
For all the talk about the burden that privacy regulations might place on businesses, it turns out that those regulations actually can help companies leverage their data.
Emerging privacy laws and the increasing use of AI mean that companies need to rethink their approach to data use and protection, not only in terms of what they’re doing today but scenarios that may unfold in the future.
There are ways to increase user privacy while still preserving the accuracy of machine learning systems. Here are three practical options for CIOs.
Yes, there are ways for blockchain applications to comply with the European Union's GDPR privacy regulations. A closer look at blockchain’s underlying concepts and technologies reveals how the technology improves the fundamental aspects of data privacy and security specified in GDPR, depending on how the solution is designed to meet GDPR requirements.
The Internet has created more individual privacy than any technology in human history. So why are we constantly told otherwise?
Privacy in healthcare:
Modernizing an industry that is under federal compliance mandates and historically has been slow to embrace new IT can require an extra bit of finesse.
If the modern Hippocratic Oath states, "I will respect the privacy of my patients," shouldn't that statement extend to protecting patient data?