Building the complete privacy toolbox

By Dave Roberts - May 21, 2019

There are a huge range of tools and techniques available to help you protect your data – but there’s no perfect tool that covers everything. To ensure a data breach doesn’t land your organisation on the front pages, you need a cohesive strategy.

With data privacy at the front of consumer’s minds more than ever, organisations that ignore privacy management risk more than just fines. They risk major reputational damage. We’ve already seen some of the world’s biggest organisations fall victim to this, and it’s causing a significant shift in public awareness. Consumers are more aware of their rights, the value of their data to organisations, and the consequences of oversharing their data.

That’s why expectations for organisations to securely protect customer data and manage privacy are at an all-time high. Yet still, 74% of consumers believe companies are not transparent in the ways they get permission for customer data.

So, what can you do to be the company your customers can trust?

 

Get a complete privacy toolbox

The wide range of privacy techniques and tools available is staggering, but it’s easy to fall into the trap of using one tool for every process. Tokenisation may be great for protecting payment card data, for example, but it’s not as effective as generalisation for protecting dates of birth. The right approach is to combine the right tools and techniques according to the type of data and how it is being used, and by whom.

Companies also need to consider their data in its wider context, and the possible implications should that data being linked with another dataset. For example, Netflix released supposedly anonymised user data as part of a competition, two university researchers quickly discovered that they could work out users’ identities just by matching their movie choices and ratings to those publicly available on IMDB. The data Netflix themselves released was only part of the story; although that data was stripped of personally identifying information, the publicly available dataset made it possible to reveal the users’ identities.

Which is why it’s essential to focus on privacy management and make sure you have a complete strategy in place.

Leave no gaps unfilled

Data privacy management is all about connecting your privacy techniques to ensure there are no gaps left unfilled. With these four privacy by design principles, maintaining a complete privacy strategy becomes easier:

1. Have a centralised privacy policy

With a privacy champion overseeing your strategy, you can ensure you always have a holistic view of your privacy policies across your company.

2. Comprehensively de-identify and mask your data

Use a range of advanced privacy techniques such as tokenisation, encryption, redaction, perturbation and generalisation – and decide which technique is most suited to the task at hand.

3. Effectively control and manage data linkage

Avoid data you release being linked to re-identify your customers by ensuring safe data distribution and separate data releases.

4. Maintain pervasive data governance

Manage the usability and accessibility of your data by auditing and logging usage, integrating data governance with operational processes, and tracking and tracing data releases.

Embrace data privacy

It’s not just your customers that will benefit from your effective data privacy strategy – there’s a wide range of benefits for your team, too.

You’ll have the freedom to open up the use of sensitive data across your organisation, without having to worry about whether your customers’ data is protected. This, in turn, will help you to retain the trust of your customers and maintain your reputation.

The age of data privacy is here – are you ready to embrace it?

For a closer look at how you can effectively manage your data privacy, watch the sessions from In:Confidence 2019, and visit our blog to keep up to date with more from the event.