June 26, 2019
June 26, 2019
Contributor: Jordan Bryan
Legal and compliance leaders should build a culture of responsible data use to maintain customer trust and control and prevent data breaches.
Peter, a new sales associate at a food and beverage company, copied part of the client database onto his personal device so he could work while on the road. His USB is not encrypted and unknowingly, he exposed the company to a higher risk of a serious data breach.
Employees are the biggest source of privacy risk. In fact, 59% of privacy incidents originate with an organization’s own employees. Worse still — 45% of employee-driven privacy failures come from intentional behavior (though it may not be malicious).
Often, business leaders take a reactive approach, or don’t consider this risk to be a problem until it’s too late. This approach does not serve them well, as privacy and data protection becomes more complex as organizations move more applications to cloud providers, adopt postmodern enterprise resource planning (ERP) strategies and start platform businesses.
Read more: Digitalization Ups Demands on Data Privacy Executives
Gartner research predicts that by 2021, more than 60% of large organizations will have a privacy management program fully integrated into the business, up from 10% in 2017. For many organizations, the responsibility for privacy is either unclear or misguided, or both. The answer: Leaders from across the organization have a role to play in translating requirements and prioritizing risk mitigation action.
Similar to how executives approached data security 10 years ago, privacy management is often addressed after the fact and not embedded into the application life cycle. Legal and compliance leaders must ensure that all departments across the business use data correctly.
“Champion a change in mindset from compliance, certification and the avoidance of fines, to the responsible and ethical use of an individual's data,” says Bart Willemsen, VP Analyst, Gartner. “This will result in increased trust in your applications, systems and your organization as a whole, while delivering positive-sum outcomes.”
Learn more: Upholding privacy by design
As legal and compliance leaders responsible for data strategy and governance, you can minimize risk and maximize trust by doing four things:
Join your peers for the unveiling of the latest insights at Gartner conferences.
Recommended resources for Gartner clients*:
Some Gartner clients can read more in Business Case for Data Privacy.
*Note that some documents may not be available to all Gartner clients.