• December 11, 2019

GUEST VIEW: 3 Steps for Resolving Compliance on Data Regulation Laws - Odessa American: Guest Columns

e-Edition Subscribe

GUEST VIEW: 3 Steps for Resolving Compliance on Data Regulation Laws

Print
Font Size:
Default font size
Larger font size

Posted: Sunday, December 1, 2019 3:00 am

It’s hard to believe that the General Data Protection Regulation (GDPR) has been enacted for almost two years. Since then, California, New York, Maine and Nevada have all passed similar laws. As anyone familiar could have expected, many organizations still are lagging behind when it comes to protecting user data.

And it’s not a matter of company size — earlier this year, we saw Google fined $57 million and British Airways fined $237.8 million for failing to comply with GDPR requirements. Though this may be a drop in the bucket for theses billion-dollar companies, it does send a clear warning for other companies to act quickly or face the financial and legal consequences.

We live in an age when the amount of user data is scaling at an exponential rate. With such an overwhelming amount of data, one of the greatest challenges for companies is how to easily see what data they are taking in, where it is being stored, and how it is being stored. True data visibility should be the ultimate goal of organizations looking to maximize their understanding of data consumption.

Here are some steps toward achieving the goal of true data visibility:

—Identify all sources of data within the organization. Emails, browsing histories and enterprise applications generate massive amounts of data. Knowing where that data comes from is the first critical step to taking control.

—Understand the requirements for each data source. Another challenge to managing big data is that it comes from a variety of sources. GDPR requires that some data have assigned pseudonyms for an added layer of consumer privacy. By understanding the different sources of data, companies can better anticipate what requirements are necessary for each piece of datum.

—Integrate processes to take control of data security. It’s widely accepted that inevitably all businesses will migrate from traditional data servers to cloud-based data servers. These cloud-based data servers are built to ingest petabytes of data, privatize it, correlate it and score the risk so that a company can more effectively control processes with real-time situational awareness.

When GDPR came into effect, web users noticed an overnight uptick in the number of boxes they must check when visiting a website. While the inconvenience is minor, result had major implications for protecting user data. Consumers increasingly want to know what information is being collected from them, why and — most of all — how it’s being used. This newfound awareness has added to pressure for companies to demonstrate compliance and increase transparency with their users. And for many organizations, it’s just as much about reputation as it is return on investment.

As consumer privacy demands grow louder, transparency will become expected in a matter of time. It will influence their decisions on where to spend their money and their loyalty.

The Information Commissioner’s Office reported a total of 4,056 data security incident reports in the second quarter of 2019, up from 687 in the previous year. This presents another challenge for organizations looking to minimize risk.

At the present, there are two main paths toward achieving compliance and reducing the number of reported incidents – manpower or automation. Organizations can monitor and react to data breaches more quickly by hiring enough people to focus specifically on data security. But with today’s software offerings, leadership can leverage new capabilities such as automation to set a more efficient system into place for protecting sensitive data.

The GDPR is only the beginning of consumer data legislation. Soon after GDPR was passed, Canada enacted its equivalent — the Personal Information Protection and Electronic Documents Act. States throughout the United States are drafting their own legislation as well. California was the first, drafting the California Consumer Privacy Act that will go into effect in January 2020.

Each of these acts have varied implications for organizations of all sizes. The best plan of action is to take the proper steps toward compliance today in order to minimize risk in the future.

Chris Jordan is CEO of Fluency Security. He wrote this for InsideSources.com.

Odessa, TX

Current Conditions

Fog
38°
Humidity: 98%
Winds: S at 10mph
Feels Like: 31°

Your Extended Forecast

Tomorrow

weather
High 52°/Low 37°
Clouds giving way to sun . Highs in the low 50s and lows in the upper 30s.

thursday

weather
High 62°/Low 42°
More sun than clouds. Highs in the low 60s and lows in the low 40s.

friday

weather
High 73°/Low 40°
Sunshine. Highs in the low 70s and lows in the low 40s.
Online Features

Pet Central

pets

Having a pet is a lot of responsibility, and we’ll help by giving you lots of tips and tricks! More >>

Fitness

Fitness

Our fitness articles will help teach you how to work out with gym- and home-based exercises. More >>

Crosswords

Crosswords

Enjoy the crosswords challenge in our free daily puzzles, from the harder Sunday crossword to the quicker daily. More >>

Sudoku

Sudoku

Every Sudoku has a unique solution that can be reached logically. Enter numbers into the blank spaces so that each row, column and 3x3 box contains the numbers 1 to 9. More >>




  • ALL-ACCESS: Subscribe to our e-edition and premium website at myoaoa.com.
    You can read your daily newspaper without taking a walk to the driveway.
    Look back at yesterday's newspaper, or issues from months ago with our archive feature.
    Call circulation at 432-337-7314 to sign up today.