Page Two

By Cameron Sturdevant  |  Posted 2003-04-21 Print this article Print

Before a database can forget in a responsible and planned way, however, it must know. This means customers must provide valuable, private, personally identifiable information. Based on our research of privacy statements and discussions at the symposium, it is clear that IT managers can lead a re-evaluation of company policy that places customer privacy first.

For example, Ann Cavoukian, Ontario privacy commissioner and author of "The Privacy Payoff" (, recommended that enterprises look at privacy as a business concern rather than a compliance issue. "Businesses should embrace privacy and show customers that their private information will be used only with their permission, full stop," Cavoukian said. "In the online world, trust is practically synonymous with privacy."

Companies would do well to aggressively market simple, strict privacy agreements to customers. One of the biggest benefits is that the company gets ahead of the evolving, mutable consumer privacy legislation. If a companys privacy policies convey the idea that customer data will never be used for anything other than the original purpose of the transaction, lawyers will have a lot less to fiddle with.

Organizations required by law to keep data private—such as health care agencies and financial institutions—can still make stringent privacy a distinguishing characteristic. For example, while HIPAA (Health Insurance Portability and Accountability Act) requires that all organizations handling patient information comply with the same rules regarding access and maintaining audit trails, assured timely access could be a selling point. Making sure that a doctor or nurse is never denied appropriate access, for example, is a major concern for many hospital IT directors.

Senior Analyst Cameron Sturdevant can be reached at

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel