Posted by Mumbai: While, Jan 28 is marked as Data Privacy Day around the world, it also symbolizes the growing significance of data privacy and data protection. An increasing number of tech companies and organisations in western countries today have designated Privacy Officers or Data Protection Officers (DPOs).
The impact of new data protection and privacy laws
Interestingly, the appointments of these designated Data Protection Officers (DPOs) has also come after the European Union (EU) implemented General Data Protection Regulation (GDPR) in 2018.
Under GDPR’s Article 17, the EU has been mandated that all public authorities and bodies will be required to designate a Data Protection Officer (DPO).
Besides, the EU’s GDPR, there are data protection laws in other parts of the world. In the US, California state has enacted the California Consumer Privacy Act of 2018 (CCPA).
Canada has the Personal Information Protection and Electronic Documents Act (PIPEDA) and South Africa has the Protection of Personal Information Act (POPI). Even India is working to introduce personal data protection laws in the coming months.
These data privacy and data protection laws in different countries is a clear indication of how data privacy rights have gained momentum in recent years.
“Data privacy reform has changed our global community forever. As we begin 2022, organisations face an emboldened world demanding greater accountability and trustworthiness,” says Andy Teichholz, Global Industry Strategist, Compliance and Legal – OpenText.
“The recent steps taken by several countries to bolster their consumer privacy rights and processing activities will have a far-reaching global impact on privacy rights and data protection practices,” comments Teichholz.
The rise of Data Protection and Privacy Officers
Data privacy laws and regulations have pushed organisations to have designated Data Protection or Privacy Officers. Even companies operating outside the European regions have also begun appointing Data Protection Officers (DPOs) or Chief Privacy Officers (CPOs)
EU mandates an enterprise security leadership role of Data Protection Officer (DPO). It has well-defined responsibilities of overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
But that’s not the case with Chief Privacy Officer (CPO). The CPO’s role involves formalizing data privacy strategies and data processes, helping the organisation meet complex compliance and governance regulations. In addition to enhancing data privacy and data protection measures.
The appointments of these designated executives highly depend on the nature of business and functions, market regulations and most importantly, the organisation’s approach toward data.
Role of Privacy Officers
For instance, the global data centre giant Equinix has a Chief Privacy Officer (CPO) with a dedicated Equinix Privacy Office.
“Through our Equinix Privacy Office, we proactively manage our own compliance with applicable new and evolving data privacy laws and seek to assist customers to do the same,” says Peter Waters, CPO – Equinix.
“Our data security practices and controls around our own global platform of systems and processes are robust. Our digital services like Network Edge and a rich set of security-focused partners in our ecosystem, which sets up these security services closer to the user to protect that data locally,” informs Waters.
Probably, the concept of privacy for Equinix appears much broader in general.
“Our goal is to embed the concept of privacy by design into new system deployments and business process improvements across various aspects of our business and offer our clients systems and infrastructure they can rely on,” says Waters.
Data centres are very different when it comes to data security compared to working remotely. Businesses and organisations globally have been operating with their remote workforce in the past two years of the pandemic and still continuing. This has resulted in a growing number of cyberattacks targeting the remote workforce and their devices.
“Data privacy concerns have been exacerbated by the pandemic as we have seen an uptick of ransomware and cybercrimes with bad actors taking advantage of the rapid shift to remote work, the increase in online deliveries and the proliferation of QR codes,” says Lana Xaochay, Data Privacy Officer – Ivanti.
“The sheer amount of data we share about ourselves online is a privacy concern and more alarming is that many workers are using the same devices for personal and business activities,” adds Xaochay
Given this scenario, Xaochay advice to businesses is to manage all devices that access their network, effectively prioritise and remediate vulnerabilities that pose the most danger to their organisation.
Like Equinix, Ivanti closely works with its customers and help them secure the new work-from-everywhere model.
“At Ivanti we continue to innovate and lock arms with our customers to help enable and secure the Everywhere Workplace,” says Xaochay.
“For instance, with Ivanti Neurons for Patch Management, which came out of beta a few days ago, we automate patch management for our customers and help them identify and patch their most critical vulnerabilities proactively,” informs Xaochay.