This white paper authored by Salinger Privacy explores the following:-
- The new privacy and data protection legal environment
- The intersection between privacy law and information security practice
- How data classification enables data protection
- Protecting data, even when sharing data
- Simple ways to improve security culture across the enterprise.
Around the world, new privacy and data protection laws are driving the need for significant operational and technological responses. The challenge of protecting personal data in particular is big news: with the commencement of the General Data Protection Regulation (GDPR) in May 2018, fines for failing to comply with privacy laws will reach up to €20 million, or 4% of a company’s annual global turnover.
At the same time, there is increasing pressure on organizations to collect more information than ever before and then release the value ‘locked up’ in their data holdings. The promise of big data is that it can have a transformative impact on our way of life, offering opportunities to “grow our economy, improve health and education, and make our world safer and more energy efficient”. However being able to fully realise the value of big data requires organisations to establish “rules and processes around the use and management of personal data so that the risks are properly mitigated”.
Resolving these tensions requires a finely-tuned response, so that personal data and confidential data remain robustly protected, while the process of sharing appropriate data with authorised parties is simplified.