Privacy trends' update

In this update we look at the latest Privacy and Data protection trends and practical steps for organisations.

Trend 1. Data protection regulations are increasing across the globe

By 2023, 65% of the World’s Population Will Have Its Personal Data Covered Under Modern Privacy Regulations (Gartner)

The GDPR set a new legal framework and tone for data protection, not just for Europe, but beyond as the ‘new standard’ world-wide. Many countries, from Thailand to Brazil, have since adopted ‘GDPR light’ regulations along with US states like California with the CCPA.

Keeping up to date with the regulatory changes is a challenge, especially when the reality of modern business is such that data flows are international.

where should businesses’ start?

Adequacy decisions are in focus not just for the UK after leaving the EU but more broadly for international data flows. Businesses should start with understanding their data supply chain, accountabilities, data processor storage locations, liabilities and safeguards. Additionally, global organisations need to have an understanding of the regulations in relevant jurisdictions.

One of our core application feature’s within our Trace platform is our global Data Protection law tracker, which keeps pace with the world-wide privacy laws for our users. This helps our clients quickly visualise where countries have adequate laws, follow changes, and the tool helps them to assess the impact of their international data transfers visually.

Key takeout? Know your data flows.

Trend 2. GDPR is just the tip of the data governance iceberg

The GDPR was the start of a new path towards better data governance, based in the law, but practically that still must be translated into systems of governance for a businesses’ operations, tech choices, process design and culture. How the laws actually apply in the real world of international data flows, big data sharing, practical protection measures and use of cloud based data processors continues to be a daily challenge and often a headache for organisations.

In 2021, future focussed data driven organisations realise that data governance is an essential part of responsible innovation and drives better information management, more transparent processing and stronger tech choices. Businesses are now looking beyond the data protection compliance imperative and investing further in their data governance capability across people, tech and process.

Practical steps to take

1. Be strategic: compliance and privacy should sit in the wider context of data governance, business strategy, data ethics and building a trusted, customer focussed brand

2. Baseline: start by understanding your current maturity, gaps and key risks

3. Create a Data Governance Roadmap which is practical, ambitious and which aligns with value creation so there’s a clear direction of travel.

Trend 3. Threats are increasing: resilience & new skills required

The COVID-19 pandemic has changed the way we all live, play, learn and work. We’re more reliant on digital technology, connected devices and cloud services than ever before with many of us working remotely; all aspects of which are a target for cyber criminals.

95% of cybersecurity breaches are caused by human error

(Cybint)

Practical steps for business

1. Ensure there is dedicated expert Information Security resource, this is a specialist area which requires domain knowledge, but make sure specialists are aligned into business functions

2. Train your team and build awareness of common threats which include home working considerations: new data skills are essential for your workforce and leaders

3. Know your risks: this is a dynamic space which needs a proactive approach to risk management.

Trend 4. The law lags years behind tech: businesses must be proactive

When it comes to legislation the challenge is time-lag — it takes a many years to create and pass legislation; regulations are slow and technological change invariably outpaces the law makers. One example of that is GDPR is already out of pace with AI and Blockchain.

Practical guidance for leaders

Leaders must get ahead with a strategic, principle based approach to governance. Organisations should not wait for the law, and instead keep up with tech-led change and innovation as a strategic choice. More established companies should invest in executive training and coaching in data, or invite innovators in to bring a fresh perspective and ‘the outside in’.

trend 5. businesses embrace a holistic approach

Compliance with data regulations should not be the key driver for good data management, rather it should be an outcome of a well run, joined up operation.

Good information governance and robust tech stacks underpin business strength in uncertain global times and reflects a proactive approach to risk management, customer focus, sound tech choices, an effective culture and organisational discipline.

A key recent trend has been to move from compliance as a project towards a programmatic approach to Privacy by Design across the organisation.

practical next step towards a joined up approach

Now is the time to know your data and take a holistic approach across your data processes, tech and culture. Root data governance in operations, rather than treating it as a silo’d legal issue. Build your program based in Privacy and Security by Design principles.

Trace offer privacy and data governance solutions: our platform helps users comply with regulations like the GDPR and our professional ‘DPO’ services include data governance frameworks, data risk management, training and applied Privacy by Design.

Book your free consultation call now to see how we can help your business and teams.