Canadian Security Magazine

News Data Security Opinion
Data security in an age of questionable trust


Andy Teichholz

At the turn of the twentieth century, oil reigned supreme as one of the most valuable commodities, fueling incredible growth and propelling the economies of the world into a convergence of trade

Fast forward 100 years later, this once lucrative trading good that powered the automobiles, homes and common items we take for granted, no longer holds this same favoured position. Data, on the other hand, encompassing all of our information we regularly generate and distribute at an alarming rate is prompting government regulators and individuals to investigate and question how our information is used. Now more than ever, data has propelled ahead to become the most important “good”. Its value and impact is immense with the capacity to empower the decisions and actions of individuals and entire organizations. In particular, in the retail sector, almost every electronic transaction and purchase is being recorded, along with the personal habits of billions of people the world over. Personal opinions, messages and thoughts are being shared at a pace that was previously unfathomable through various social media channels. The digital transformation of human activity has fast-tracked data and its insights into a realm of unparalleled value and endless opportunity.

Since the outbreak of the COVID-19 pandemic, the digital transformation process has become further accelerated, making digital interactions between customers, businesses and employees vital to sustained productivity and service delivery. In this new world reality, many businesses and organizations now find themselves in a scenario challenging current practices and processes; products and offerings must scale rapidly within shorter time frames, sometimes in a matter of days or weeks, rapidly scaling from previous delivery timelines. The rush for many organizations to become digital-first is evident as remote work for millions of the global workforce has become the new norm. This new and evolving experience taking place within the digital realm has implications for data privacy and security. As more processes shift to digital, more data is generated, shared and sold. Now more than ever, data protection is critical, especially when it comes to consumer personal data.

With more media coverage and social media exposure, customers have become acutely aware of their rights and concerned about how their data is being protected. According to new research commissioned by OpenText, of 2,000 Canadians polled, nearly half (49%) stated they would pay more to do business with an organization that is committed to protecting their data privacy, with 40% of respondents stating they don’t trust organizations to keep their personal data safe or private. When coupled with growing consumer expectations around data privacy, and the increasingly stringent regulatory environment governing how personal data needs to be managed, organizations must ensure that their data privacy systems can scale appropriately for a digital-first era.

Advertisment

The impact of data privacy reform around the world cannot be overstated. It set the standard for expanding consumer control over their data and rights, among other things, to understand how their data is being processed, used, and managed. Legislation such as, the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Privacy Act – the former governing how private sector businesses can collect, use or disclosure of personal information in relation to commercial activities and the latter – governing Canadian privacy rights when individuals interact with or engage with the federal government are prime examples. While there are additional privacy laws in place by province, for example, the Freedom of Information and Protection of Privacy Act (FIPPA) that governs specific institutional obligations to protect the privacy of individuals with respect to the personal information of Ontarians and their general government records, the overarching trend is clear: technological innovation and increasing volumes of information are pushing the limits of privacy well beyond current regulatory standards and legal requirements. And as the amount and complexity of information grows, so do the risks and impact across all areas of an organization or institution.

Given these challenges, strong information management is the first step to achieving data privacy compliance. Organizations need to bring departments and teams together to reveal a more cohesive and all-encompassing picture of information management for both its structured and unstructured data. Businesses can benefit from incorporating enterprise content management software that allows them to manage the flow of information from the initial retention through to its eventual archival or disposition to reduce risk and address an increasingly complex regulatory landscape.

Organizations that fail to comply with data privacy laws risk losing the trust of their customers and ultimately their business. Executives and leaders must adopt technology that not only provides visibility into how they capture and secure data, but also provide appropriate opportunities to respond rapidly to customers’ requests. In addition to implementing appropriate security measures, organizations should invest in comprehensive privacy management solutions that automate and integrate an organization’s privacy policies with data privacy and protection principles.  As a result, organizations will be in a better position to satisfy regulatory requirements, reduce the risk of reputational harm, and maintain customer trust.

Andy Teichholz is Senior Industry Marketing Strategist, Legal and Compliance, OpenText.