Don’t Forget Content in Your Data Privacy Strategy

摘要： Let’s level-set: Data privacy regulations like the GDPR and CCPA are the tip of the iceberg, and enterprises need to start addressing privacy compliance and its related challenges immediately. Wait – don’t click away from this article. I promise it won’t be beating the dead horse of regulatory compliance.

▲圖片標題(來源：Kyle_McNabb)

Admittedly, the privacy regulation conversation can feel like a dead horse when it is so frequently discussed. It’s a constant reminder that organizations have a lot of work to do: They need to know where personal and sensitive data lives within the enterprise, they need to know whose data it is, and they must ensure its collection and use is compliant. And there are real reasons these objectives must be achieved. Compliance will not only ensure organizations avoid hefty fines, it will also help them to optimize Data Management. In a 2020 survey, 39 percent of IT leaders said data regulations help their teams use data more effectively.

Homepage>Data Education>Database News, Articles, & Education>Don’t Forget Content in Your Data Privacy Strategy Don’t Forget Content in Your Data Privacy Strategy By Kyle McNabb on December 10, 2020 TwitterFacebookLinkedIn Click to learn more about author Kyle McNabb. Let’s level-set: Data privacy regulations like the GDPR and CCPA are the tip of the iceberg, and enterprises need to start addressing privacy compliance and its related challenges immediately. Wait – don’t click away from this article. I promise it won’t be beating the dead horse of regulatory compliance. Admittedly, the privacy regulation conversation can feel like a dead horse when it is so frequently discussed. It’s a constant reminder that organizations have a lot of work to do: They need to know where personal and sensitive data lives within the enterprise, they need to know whose data it is, and they must ensure its collection and use is compliant. And there are real reasons these objectives must be achieved. Compliance will not only ensure organizations avoid hefty fines, it will also help them to optimize Data Management. In a 2020 survey, 39 percent of IT leaders said data regulations help their teams use data more effectively. Again, this is not to beat a dead horse – it’s to remind IT leaders that they haven’t even been talking about the full horse. Because while many organizations have started to address privacy compliance for their structured data residing in databases and data lakes, most have neglected to account for unstructured data and content. With the explosive growth of records and the widespread remote workforce, there is a vast volume of unstructured data living in documents and records (e.g., Microsoft Word documents, reports, spreadsheets, and emails) that continues to grow. According to a 2020 AIIM study, the amount of information coming into organizations will increase up to 4.5 times in the next 18 to 24 months – and 60 percent of that data will be unstructured.

Clearly the data privacy regulation horse is alive and kicking, and in desperate need of a saddle – but if organizations can get their arms around it, that compliant data will be working for them. Knowing this, IT leaders need to revisit and reprioritize how they find, classify, and manage personal information, especially content. If organizations continue to leave unstructured data out of privacy efforts, organizations will not only fail to comply, but also struggle to thrive – even survive – in the post-pandemic, digital world. For IT leaders looking to harness the horsepower of compliant data, taking a path to privacy-aware governance is a great place to start.

The Need for Privacy-Aware Governance

First, it’s important for IT leaders to assess how the pandemic has impacted their organizations’ usage of content. With the advent of the mass remote workforce, workers use shared/network drives, Slack, SharePoint, and Microsoft 365 more than ever. As a result, IT leaders need to be concerned that ungoverned, user-managed documents and content puts the organization at risk.

Organizations’ IT environments continue to change, adding complexity to governance. Companies accelerated moving their applications and workloads to the cloud, driven by the pandemic and economic fallout, either to reduce in-person work at data centers or because the cloud offers more flexibility as business demands fluctuated. Now that IT leaders need to manage on-premises systems, public cloud, and hybrid-cloud IT environments, they face several compliance and Data Governance challenges with their content:

They don’t know where privacy information resides within documents/records

They are unable to associate privacy information within records to a specific customer

They have no audit record of who has accessed/viewed the privacy information

They are not currently able to redact privacy information

They are maintaining customer information for longer than required by law

Knowing that content will only continue to grow, and the remote workforce isn’t going away, it is no longer enough for organizations to simply manage information.

They must prioritize privacy and regulatory compliance in their governance strategies.

詳見全文： dataversity

若喜歡本文，請關注我們的臉書 Please Like our Facebook Page： 　　　Big Data In Finance