Regardless of how companies perceive the importance of privacy on the whole, they do seem to be, at the very least, discussing it more. The study results indicated that while the majority of respondents — 39 percent — were only discussing privacy issues at the board level annually, the number of companies that are discussing them more frequently wasn't far behind. That number is on the rise year over year according to Holcomb, with 23 percent of respondents saying that they discuss privacy issues quarterly.
"We've seen a big difference in how companies look at privacy versus security," said Holcomb. "Privacy is still up and coming. The boardrooms are really just starting to catch on and saying that security and privacy are different, and that [they] need to focus on privacy."
And in the long run, this obviously stands to benefit the company. As Holcomb points out, as both the company and board members become more educated on what exactly privacy means, they're beginning to keep the promises that they make to their consumers.
"The question is, if you put out a privacy notice and tell [consumers] what you're going to do or not do with their data, are you keeping those promises?" said Holcomb. "By getting additional information, companies are now better understanding the risks." Armed with better understanding, board members are becoming more focused on what their privacy notices say and what changes are coming about in their companies. This leads towards what Holcomb referred to as "privacy by design" and determining whether they are designing privacy into their products/services and whether it is done upfront.
"Now they're making sure the front end is in sync with the backend," said Holcomb.
This, according to Holcomb, is the key to an effective approach to privacy policies. Many organizations have a privacy notice out upfront, but they also need to be aware of what the backend systems are doing.
"There needs to be a governing structure of people that are looking at that linkage, communicating it to the board, and a program in place that is keeping that linkage tight all that time so you don't have a privacy problem," said Holcomb.
Sign up for CIO Asia eNewsletters.