In today’s business landscape, personal data is a commodity, with insights driving innovation and business strategy.
But businesses are realising it is a tightrope-walk between striving to become data-driven, and managing data privacy. This is especially true as cyberattacks increase as a result of remote working habits. According to a recent report on the future of cybersecurity in Asia Pacific and Japan, 68 per cent of respondents were breached by an attack in 2021, a 36 per cent increase from 2019, and reflective of the challenges hybrid work presents.
Consumers are growing increasingly concerned about how their data is collected and stored by enterprises as more organisations look to introduce data-centric apps and services. With Google phasing out Cookies by 2023, businesses are looking to innovatively engage with customers and collect data in other ways, but it’s important they don’t place consumers’ data at risk.
Ultimately, as businesses embrace data-driven innovation; data privacy and protection must be at the forefront of all decision making and strategy to protect consumers from cybercrime and human-error based data leaks.
Protecting data starts with building a proper foundation
While businesses look to utilise personal data, they must build a strong foundation to manage and protect this data by developing data privacy and protection frameworks.
Businesses aiming to become data driven should prioritise building a culture around data. Ensuring that everyone in the organisation understands how to handle data and use technology in responsible ways is key to remaining compliant and avoiding data risks. Traditionally, data literate employees have been isolated to IT or business intelligence teams and are removed from business decision makers. However, in modern businesses data is everywhere and knowing how to use, share and store data should be standard for all staff. Developing a data focused culture, and introducing ‘data champions’ to an organisation who can educate others on the correct management and handling of data, can significantly improve a businesses data privacy practices.
This is not forgetting data protection. Traditional data security solutions require additional support to address increasing data privacy regulations and protection requirements. As Australian businesses migrate their workloads from on-premise environments to the cloud, they must ensure they implement a data and analytics platform that provides appropriate security, and encrypts data during the cloud migration process to protect against attacks.
Don’t be a data hoarder – it’s time to declutter
Organisations often fall into the trap of hoarding data on systems, which are later forgotten and not erased.
If holding personal data is necessary for your organisation, it is essential to define data retention policies. The best practice is to report how long the data has been held or used and analyse its worth. This will help users identify whether they are unnecessarily hoarding personal data and act. Some guiding questions can include: How long has this “potential customer” been on your mailing list? When was the last time this customer interacted with you? What information from their last interaction is necessary to hold onto?
Businesses can also avoid stockpiling unused data by using a modern data management solution that can help build enterprise-wide governed data catalogues – providing a secure repository of all their data for analytics. It is also vital for organisations to ensure the solutions they use align with the latest data protection and privacy laws around the world, like the General Data Protection Regulation (GDPR), which was implemented across the European Union in 2018 and affects all businesses who work with European organisations.
Transparency and accountability matter
Data has become an essential navigation tool in a world of uncertainty heightened by the pandemic. Contact tracing apps serve as an instrumental tool to protect the public’s health and safety, while data analytics and dashboards have been key to Australia’s response to COVID-19. The Australian Department of Health has relied on Qlik data visualisation and analytics for more than a year, providing key decision makers with actionable, pinpoint accurate data in real time so they can keep the public informed and stay ahead of the virus.
But organisations must also realise that behind every data point is an individual, and with that comes the importance of building trust. Individuals are not opposed to providing access to data – many are willing to trade it for convenience or access to services. But the growing mistrust among consumers stems from data breaches and poor communication around data privacy, signalling the need for businesses to practice transparency in data use. By building data focused cultures and staying vigilant with how data is stored and implemented, businesses can avoid leaking their consumers’ data to cybercriminals, building consumer trust and protecting innocent people from harm and exploitation.
Protecting data in a data-driven world
As we step into a more connected future, our decisions will become increasingly data-driven. Data strategies vary from business to business, and continue to develop as new challenges and opportunities arise. Those who will stand out from the pack will lead a data-driven culture that values both the power of personal data and the responsibility that comes with its collection and use.
This involves establishing a set of rules and policies around data privacy that are understood and practiced across the organisation. These practices should minimise risk while deploying secure data platforms and tools that protect data from cyberthreats and human error throughout its entire lifecycle.
If you are collecting personal data, but are yet to establish a data privacy and protection framework in your organisation, the time to implement one is now.