|
|
Privacy is the right of an individual to control who has access to his or her personal information and under what circumstances.
The past decade has shown a significant increase in privacy awareness in the public. People are beginning to realize the value of their personal information and the danger in leaving it unprotected. Media coverage of privacy infractions has nearly tripled since 1995. Trust in your clients can be easily lost, but in can just as easily be won. If you're in the business of managing any type of personal information, privacy is an issue to be highly concerned with:
Consumer attitudes
More than half of U.S. consumers (54%) say they have decided not to use or purchase something from a company because they were not sure how the company would use their personal information. Consumers most likely to take these steps are younger, more educated, and generally, more affluent consumers in their peak earning years. [1] This represents a key demographic for almost all organizations.
Brands with strong reputations have profit margins up to four times greater than their competitors and can charge more, borrow more easily and introduce new products more successfully. [2] In a time when products and services can be copied, improved upon or made irrelevant virtually overnight, reputation may be the new capital. [3] Building it creates value that lasts after individual products are gone.
Privacy should not be viewed as just another regulation that must be complied with. Privacy breaches may not result in expensive legal fines but will almost always result in a decrease in customer loyalty and damage to your reputation – privacy can be a valuable competitive advantage for you!
Legislation
Numerous privacy regulations and legislation have recently become law or are in the process of becoming law. These include broad privacy laws such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA, formerly known as Bill C-6) and the European Union Directive on Data Protection or industry specific laws such as the U.S. Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act. In many cases these federal regulations are being supplemented by state and provincial regulations as well.
A passive approach of minimum compliance with existing regulations will no longer suffice. When enacting privacy programs, organizations must not only be aware of current regulations but strategically plan for proposed or future regulations as well. Proactive privacy compliance can be a daunting challenge for existing staff in terms of resources as well as expertise. Ensuring adequate privacy practices and standards can be a very large undertaking. Steps that a company must take include monitoring the regulatory environment, creating privacy standards and documentation, establishing office procedures and training their employees.
The bottom line – no matter what you do or where you are there are privacy regulations you need to be aware of to avoid breaches and legal penalties.
Technology
Advancements in information technology have allowed data to be collected, transmitted and stored easier than ever before. Speed of transfer, miniaturization of storage media, more efficient techniques for data mining, and the mass networking of the public (the Internet) have all brought benefits to the private and public sectors. They also introduce new threats to privacy management.
Large databases of personal information (most notably, electronic health records) can hold millions of records, resulting in a significant exposure if an unsecure system were compromised. Wireless technology enables new forms of tracking and surveillance. Miniaturization allows for such wireless transmitters to be placed on a person for tracking - unbenownst to the carrier.
Your organization uses information technology on a daily basis; it might even be the cornerstone of your operations. Are you accounting for privacy in your technology solutions?
Public Safety
There has been a seismic shift in public attitudes towards privacy since September 11, 2001. The terrorist attacks on the United States that day have forced citizens to question how much they value their personal information compared to their safety. Consequently, public tolerance to surveillance, as well as police access to personal information has increased substantially. Legislation to fight terrorism continues to be passed, making the records of all citizens more accessible to those who require it and, if appropriate precautions aren't taken, to those who shouldn't have access at all.
For better or worse, these changes to public data infrastructure are taking place, and with them come the challenges of effectively managing and protecting information. Will you be ready?
|
[1] Multi-National Consumer Privacy Survey, IBM, October 1999
[2] Fortune Magazine’s Corporate Reputation Review, January 2000
[3] BC Business, March 2001
|
|
