What started with the General Data Protection Regulation (GDPR) in the UK has continued with the California Consumer Privacy Act (CCPA) in the US: new privacy regulations have created radical shifts in societal expectations regarding data security. Such changes require a variety of an organization’s division managers to come together to confront challenges that affect IT, Security, Legal, Sales—almost every aspect of daily business.
But with new privacy regulations developing at a rapid pace, many organizations have been left confused and “unable to adapt their privacy management program at a suitable pace,” according to a Gartner report on The State of Privacy and Personal Data Protection, 2019-2020.
The report recommends major strategies for security and risk management leaders, breaks down the development of privacy laws by continent, and showcases technology capabilities that support the increasing volume, variety, and velocity of personal information. Together, this information represents how organizations should look at implementing technology-enabled privacy programs across enterprises.
3 Data Privacy Recommendations for Security and Risk Management Leaders
The report suggests three overarching needs for security and risk management leaders to consider at their businesses to help maintain compliance with current data privacy laws.
- Incorporate the demands of a “rapidly-evolving privacy landscape” into organization data strategies by reviewing the regional data privacy guidelines that affect them. Gartner provides some of these guidelines in this report.
- Adopt technology that can help businesses support the increasing volume, variety, and velocity of personal information. Gartner suggests utilizing a “three-stage technology-enabled privacy adoption program.”
- Address any outstanding compliance needs, and continue to deliver value to your customers while acting as good stewards of personal data, by taking a “practical approach” to both the letter and the spirit of the law.
Organizations that handle personal information well are rewarded through increased user loyalty on a B2C level, and greater vendor credibility on a B2B level. So even independent of regulatory requirements and potential fines, it’s good business to handle personal data well. Get complimentary access and read the full Gartner report here.