Blog Data governance and privacy

Six Steps to Sustainable Privacy Maturity

Last Published: Dec 23, 2021 |
Nathan Turajski
Nathan Turajski

Senior Director, Product Marketing, Data Governance & Privacy

Co-authored with Graham Thomas, Cognizant Global Head of Data Privacy.

Is privacy dropping off the corporate agenda? Even as regulations and legislation for data protection march on, an alarming number of privacy programs are being quietly pushed to the back burner.

A global assessment conducted by Informatica and Cognizant reveals that organizations are shrugging off privacy risks at the worst possible time – just as consumers are actively prioritizing trust and confidence.

sustainable privacy maturity

From huge fines to the reputational damage inflicted by a major breach, the downside of getting privacy wrong is massive.

But there’s also huge upside for businesses that get it right.

A recent report from Cisco [1] found that more than 40 percent of companies are seeing benefits of at least twice their privacy spend. That ROI comes from increased operational efficiency, greater business agility, and the ability to innovate more quickly.

Privacy’s ROI

Establishing yourself as a reliable custodian of customer data has a vital reputational benefit. Consumers are five times more willing to permit use of their personal information — and will hand over more of it — to companies they trust. [2]

With the need to sustain customer loyalty and compliance both bearing down, businesses need to treat privacy protection as a core requirement rather than a single initiative or series of projects.

But making the journey isn’t straightforward. Regulatory regimes have complex requirements that aren’t addressable with simple checklists. And at the moment, there is no formal certification for wide-ranging regulations like the General Data Protection Regulation (GDPR).

Organizations have to self-determine their level of adherence with a clear understanding of their data exposure risk — alongside the value that personal data can unleash when used appropriately and transparently.

Informatica recommends this framework to help you operationalize data privacy controls:

  1. Define and Manage Governance Policies – While GDPR means most European companies have this well in hand, organizations looking at the California Consumer Privacy Act (CCPA), LGPD, and other regulations may still need to map critical business users and stakeholders, then align them with the data and privacy processes they need to own.
  2. Discover, Classify, and Understand Personal and Sensitive Data – Next is to know exactly what data you hold, and exactly where it sits. Look across IT environments such as multi-cloud and on premises, Hadoop and relational – for both structured data and unstructured file systems.
  3. Map Identities to Personal and Sensitive Data – Knowing exactly what personal and sensitive data you hold under different regulatory definitions will enable faster access to data that belongs customers, employees, and partners. That will strengthen your ability to respond to data deletion orders under the Right to be Forgotten, and Data Subject Access Rights (DSARs) by building a data subject registry.
  4. Analyse Data Risk and Establish Protection Plans – Continuously measure privacy risks and record them to provide Key Risk Indicators (KRIs) for your privacy program.
  5. Protect Data and Manage Subject Rights and Consent – Use data masking and encryption to ensure reliable control during the exposure, access and use of personal information. Document the location, lineage, history, and retention periods for all the Personally Identifiable Information (PII) you hold.
  6. Measure and Communicate Audit Readiness – Track and record what’s been achieved on your privacy journey for auditor visibility to demonstrate success or quickly remediate privacy gaps with the controls you've put in place.

The end goal is a mature privacy footing that’s sustainable and repeatable — which will be vital when new data protection regimes like CCPA start to be enforced.

By establishing governance best practices that deliver data trust and quality, organisations can move beyond reductive objectives like fine avoidance and address compliance as a target state, more a continuous journey rather than a single destination.

That will help put compliance risk in the rear-view mirror, accelerate value creation, and help businesses at the head of the curve leapfrog the competition.

Download the full Cognizant/Informatica white paper: Roadmap to sustainable privacy maturity.

[1] Cisco: 2020 Data Privacy Benchmark Study

[2] Boston Consulting Group: Bridging the Trust Gap in Personal Data

First Published: Jun 28, 2020
Read more blogs like this one
Informatica Recognizes the Most Influential Chief Data Leaders of 2024

Mar 17, 2024

Informatica Named a Leader in the Gartner® Magic Quadrant™ for Augmented Data Quality Solutions

Mar 11, 2024

AI-Powered Data Access Management: Where Intelligent Governance Meets Enforcement

Feb 29, 2024

See All Blogs

United States

Cloud Platform

Intelligent Data Management Cloud Data Integration & Engineering API & App Integration Customer 360 Data Catalog Governance & Privacy Data Quality and Observability MDM & 360 Applications CLAIRE AI Engine – Intelligent Automation Pricing

Get Started

Free Cloud Data Integration Free Data Loader Live Demos Request Personal Demo Contact Sales Data Warehouse Trial API Lifecycle Management

Resources

Events Blog Customer Success Stories Community Documentation Certification & Training Cloud Data Glossary

Learn Data Integration

ETL Cloud Data Integration What is iPaaS? Data Warehouse Data Governance Framework What is Data Quality? Customer 360 Application Integration

Company

About Us Careers News Investor Relations Awards & Recognition Contact Sales Customer Support
Facebook
LinkedIn
YouTube
Instagram

United States

© Informatica Inc.

Legal Privacy Policy Do not sell or share my personal information

© Informatica Inc.