The 3 common myths about data privacy
The business world has reached a turning point in data privacy: it’s no longer optional. More data privacy laws are being proposed around the world, and customers and business partners want to know about your privacy practices before they’ll do business with you.
Here are three of the most common data privacy myths:
“Data privacy is a passing trend.”
Some companies are treating GDPR and the California Consumer Privacy Act (CCPA) as a finish line, when actually they’re just the beginning. Legislatures around the world, including the United States Congress, have passed or are in the process of passing new or expanded data privacy laws, as are several U.S. states and even municipalities such as San Francisco.
In addition to the legislative angle, both consumers and businesses are increasingly concerned about the data practices of companies they do business with. In a recent survey of 10,000 consumers, 75 percent of respondents said they will not buy from a company if they don’t trust them to protect personal information — no matter how great the company’s products are.
“We bought this tool that promises to make us compliant, so we’re good.”
Complying with data privacy legislation is a complex, multi-faceted process. While technology tools can simplify and automate certain tasks, there is no substitute for human effort in addressing the foundational elements of a compliance plan — like understanding how and why you are processing personal data and what data you are disclosing to your business partners.
“Once we achieve compliance, we’re all done.”
After executing a comprehensive compliance plan, businesses may be tempted to relax, feeling that they have finished the hard part of the work. However, the world of data privacy is always changing, and it’s important to watch for “triggers” that can affect your compliance status. These include external triggers — such as new regulations, judicial clarifications of existing laws, and technology innovation — as well as internal triggers such as business changes, new vendors or partners, and mergers/acquisitions.
While the global picture of data privacy is still taking shape, we can all be certain of one thing: there’s no going back to “business as usual” in terms of how companies handle personal information.
Need help with data privacy compliance?
See how Logic20/20 can help.