Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Survey says more attention being paid to data privacy, but still a long way to go

Grant Hatchimonji | Feb. 3, 2014
Data privacy has gotten its fair share of attention these days, what with the high-profile data breaches that have taken place in recent months. Fittingly, PricewaterhouseCoopers released the results of its 2013 data privacy survey late last year, in which the 370 participants represented both board level members responsible for oversight of privacy programs within their organization and practitioners involved in day to day operations.

Regardless of how companies perceive the importance of privacy on the whole, they do seem to be, at the very least, discussing it more. The study results indicated that while the majority of respondents — 39 percent — were only discussing privacy issues at the board level annually, the number of companies that are discussing them more frequently wasn't far behind. That number is on the rise year over year according to Holcomb, with 23 percent of respondents saying that they discuss privacy issues quarterly.

"We've seen a big difference in how companies look at privacy versus security," said Holcomb. "Privacy is still up and coming. The boardrooms are really just starting to catch on and saying that security and privacy are different, and that [they] need to focus on privacy."

And in the long run, this obviously stands to benefit the company. As Holcomb points out, as both the company and board members become more educated on what exactly privacy means, they're beginning to keep the promises that they make to their consumers.

"The question is, if you put out a privacy notice and tell [consumers] what you're going to do or not do with their data, are you keeping those promises?" said Holcomb. "By getting additional information, companies are now better understanding the risks." Armed with better understanding, board members are becoming more focused on what their privacy notices say and what changes are coming about in their companies. This leads towards what Holcomb referred to as "privacy by design" and determining whether they are designing privacy into their products/services and whether it is done upfront.

"Now they're making sure the front end is in sync with the backend," said Holcomb.

This, according to Holcomb, is the key to an effective approach to privacy policies. Many organizations have a privacy notice out upfront, but they also need to be aware of what the backend systems are doing.

"There needs to be a governing structure of people that are looking at that linkage, communicating it to the board, and a program in place that is keeping that linkage tight all that time so you don't have a privacy problem," said Holcomb.

If the study results are any indication, avoiding those "privacy problems" appears to be a number one priority. The survey concluded that compliance and governance are "top of mind" for most board members, which would suggest, at face value, that this perhaps is limiting the scope of some companies' privacy policy as they just try to tick off the next box. But coming in a very close second place was "enhancing trust in brand" and many companies are now trying to focus on both.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.