adminWhether it’s account credentials (usernames and passwords) or medical records, a company’s sensitive data is vulnerable to theft or sale. But it’s not just the company that suffers: Consumers are impacted by the data breaches, losing trust in businesses and feeling powerless to take action. The consequences of a breach include data loss, reputation damage, legal fines, and lost business opportunity.
Data privacy is a broad issue, and each of us has a responsibility to protect our own information. Individuals can protect their data by limiting the amount of personal information shared and who it is shared with. They can also use their rights under omnibus data protection laws, which typically provide the right to be informed of collection and processing, to access confirmation, to restrict or object to collection or to correct or erase their personal information.
It’s also important to remember that a privacy breach doesn’t have to be an intentional act by malicious third parties. Even if companies limit the types of information they collect and share, a breach could still occur through careless oversight. Managing the risks of personal information collection, storage and sharing requires a holistic approach that considers governance, policy, training and technology. A strong governance program should include adequate investments to bolster internal staff and secure systems, as well as active monitoring of new and existing privacy regulations. And it should extend the stewardship of data beyond the organization by including third-party agreements with accountability provisions.
