Only 22% of Information Management professionals in a recent study were confident in their organization’s approach to privacy. With nearly 100 fines levied since the May 2018 enactment of GDPR, the passage of the California Consumer Privacy Act (CCPA), and talk of new federal privacy legislation, it’s shocking that more organizations aren’t prepared.
Although data privacy has become a hot news topic in recent years, organizations have yet to give it the time and attention it deserves. For U.S.-based entities to take data privacy seriously, there must be a public incentive to comply and real consequences for doing nothing.
Consumers have historically allowed organizations prolific use of personal data so long as those organizations provided valuable services for free. In recent years, however, the misuse of this data has had widespread and very public effects on politics, financial security, and personal safety. The cultural shift necessary to shift corporate priorities quickens with each new bit of breaking news.
Data Privacy Best Practices
Achieving data privacy—and compliance—across the enterprise requires an efficient, universal information governance program. While implementing such a program may seem daunting, it’s important to break it down into actionable tasks.
- Include All Stakeholders. Data privacy demands consistency across all business functions. An effective data privacy committee should involve stakeholders from all units, including records, legal, IT, compliance, and the C-suite. Without buy-in from all relevant functions, your project could be doomed from the start.
- Take Inventory of Your Data. After you build your committee, understand how your organization handles personal data, what it collects, and where its most high-risk areas are.
- Create an Implementable Policy. Once you have an accurate picture of your organization’s data environment, you will be in a position to make an informed action plan. Be sure such policies have action plans attached and determine what new staff, technologies, or projects will be necessary to implement it. After all, a plan is only good if you follow it.
As data privacy increasingly becomes a public and regulatory priority, it’s time to get prepared. Learn more about ZL’s recent privacy study and what our findings mean for your organization here.