Connect with us

Hi, what are you looking for?

Tech & Science

Time to understand your data ahead of Data Privacy Day

At a high level, three control categories—physical, technical, and administrative—need consideration.

A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images
A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images

January 2024 sees both Data Privacy Week (Jan. 22-26) and Data Privacy Day (Jan. 28). These are important events in the technology calendar and during this time cybersecurity experts provide insights and tips on privacy and data protection.

One such expert is Larry Whiteside, Jr., CISO at RegScale, who has explained to Digital Journal how new regulations and new cyber-threats are presenting key challenges to the technology officer.

Beginning with data privacy, Whiteside  states: “Privacy is an evolving aspect of our digital landscape, and its significance has been shaped by a pivotal driver: consumers actively expressing the importance of their data, particularly in the aftermath of numerous breaches compromising consumer information.”

Another impact on firms is where “Companies have been avidly engaging in data collection to gain valuable insights into the consumers they serve. Consequently, organizations are now under greater pressure than ever to handle data responsibly, which is particularly daunting for those managing large volumes of data. However, by adhering to a few fundamental principles, organizations can effectively navigate the demands of privacy regulations.”

Whiteside has provided five important principles for companies to observe in order to strengthen their controls around data privacy.

Principle #1 – Understand Your Data

Whiteside observes: “To comprehend the privacy implications for your organization, it is imperative to be aware of the data at your disposal. This requires a thorough investigation to identify the type of data, its location, users, and access. Although seemingly simple, this task can be complex, emphasizing the critical importance of Principle #2.”

Principle #2 – Establish Ownership

Whiteside states: “Ownership is key for the execution of any program or process. To ensure accountability, assemble a team of stakeholders with board-level visibility to establish policies and standards governing the organization’s use, collection, and maintenance of data.”

Principle #3 – Implement Sensible Controls

The third point is pragmatic: “At a high level, three control categories—physical, technical, and administrative—need consideration. These controls serve as the linchpin for determining how to handle Privacy Data effectively and align with Privacy Regulatory mandates.”

Principle #4 – Minimize Unnecessary Data

Good housekeeping is important, notes Whiteside: “Organizations often collect data for specific purposes without establishing processes for its proper disposal once it becomes obsolete. Failure to address this exposes companies to unwarranted risks. Following Principle #1 allows organizations to identify data that should be disposed of to mitigate potential risks.”

Principle #5 – Continuous Improvement

The final principle from Whiteside concerns striving to be better: “Many organizations halt their efforts after completing these fundamental exercises, which can be detrimental. A “rinse and repeat” approach can ensure that privacy measures remain effective, adapting to evolving circumstances. Ceasing at this point risks rendering previous efforts obsolete, as the context of data evolves over time.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

For SMBs, the move to cloud accounting is part of a larger shift in how businesses are retooling their operations

Tech & Science

The best way to stay safe while gaming is to treat your online security like you would in real life.

Business

South Korean ministries and police said Thursday they were blocking DeepSeek's access to work computers.

Business

America First means isolationism. Cute, except isolationism has destroyed every country that’s ever tried it.