Treasures from the Archives...
Exploring the Intersection of Security, Governance, and Generative AI
This session emphasizes the need for a balanced approach that embraces innovation while prioritizing ethical and secure AI practices.
The columnists and interviewees featured here are members of the InformationWeek Insight Circle -- an invitation-only group of trusted readers and expert sources. The Insight Circle helps our editorial team ask the hard questions and make sense of the answers. (Send nominations to [email protected].)
With Data Privacy Day upon us, privacy’s importance can be seen in three trends that will emerge in 2024 at the intersection of privacy and human resources.
Data Privacy Day commemorates the signing of the first international treaty related to data privacy, the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, on January 28, 1981. This anniversary provides an opportunity for all of us to reflect on why privacy is important. From a business perspective, privacy builds trust. Every day, clients entrust our companies with personal data. It is important that we honor that trust by not only protecting that data but also handling/processing it in compliance with applicable laws.
Privacy’s importance can be seen in three trends that will emerge in 2024 at the intersection of privacy and human resources. First, we will see increasing regulation, both in the US and globally. Second, we will see an increasing demand and expectation for transparency around data collection and usage, particularly where AI acts on personal data. Third, we will see increasing adoption of AI in the employment context.
On the regulatory front, US states, Canadian provinces and countries around the world will continue to adopt privacy laws. Already this year the New Jersey legislature has enacted a privacy law, and bills are pending in several others. In the HR space, while many state laws carve out employees, California’s notably does not, and most laws globally have employees in scope.
In 2023, India enacted a comprehensive privacy law after several years of deliberation. And in those jurisdictions that already have laws, further regulations and guidance are being issued by privacy authorities. Increasingly, this guidance relates to special types of data, such as biometrics and geolocation, setting up additional rules and restrictions that employers will need to be cognizant of.
All this means that companies will need to be vigilant in monitoring legislative developments in the privacy space and consider how those impact their employees and contingent workers. And they will have to build or enhance their existing privacy compliance plans to meet these emerging requirements.
Transparency is already a common hallmark in privacy. Most privacy laws require notice to individuals at or near the time of data collection. We see this most readily through companies’ privacy statements on their websites and cookie banners for visitors, in the notices we receive in the mail from various providers, and in the HR space in corporate employee policies.
What is new here is that many companies are now also letting individuals know when they are interacting with an AI system or when an AI system will act on their information. While some of this transparency is the result of existing regulations, the primary driver is the need to build trust.
People only use technology that they trust, and understanding how that technology will use their data is a first step in building that trust. Data, including personal data, is the lifeblood of AI, but people will opt out of AI systems unless they trust that their information will be appropriately processed. To keep people’s trust and willingness to share their data as AI systems become increasingly ubiquitous, there will need to be increased transparency around data usage by those systems.
Speaking of AI, it is going to transform opportunities for both companies and their employees. On the company side, it will allow HR practitioners to answer employee questions more easily, using more natural language, and find the specific information sought.
On the employee side, AI will help employees identify skills they already possess and those that they need for their next role, as well as training paths to get there. And for both companies and employees, AI can help surface qualified candidates with non-traditional backgrounds, helping create opportunities for job seekers while enabling companies to find the best talent.
Data privacy also impacts each of us personally. Indeed, as employees, data privacy matters in two ways. First, we want to make sure that the personal data our employers process about us is protected. We are entering W-2 season in the United States when everyone will get tax forms from their employers. Truncating social security numbers is one way to deter identity theft and protect employees.
Second, data privacy is everyone’s job. So, when a company collects and uses personal data, each employee shares responsibility for making sure that data is processed appropriately and in accordance with company policies and applicable laws.
As companies approach these trends, they should keep in mind the importance of innovating with integrity. No matter the technology used, it is vital to adhere to core values, including compliance with regulations, transparency to employees and the need to build trust with customers. Only with this foundation will people share information that enables the opportunities and insights provided by today’s technology.
Read more about:
RegulationYou May Also Like
2024 InformationWeek US IT Salary Report
Aug 15, 2024Managing Third-Party Risk Through Situational Awareness
Jul 31, 20242024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022