Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • IT Management

    Three Ways to Overcome Data Privacy Compliance Challenges

    In today's complex systems, users’ personal and sensitive information can be processed by numerous vendors, which makes it extremely difficult for a company to track how personal data is processed.

    By
    eWEEK EDITORS
    -
    July 9, 2021
    Share
    Facebook
    Twitter
    Linkedin

      The raft of privacy laws worldwide — notably the California CPRA and EU’s GDPR — forces companies to inform users about how they collect and use personal information, and publish privacy notices on their websites.

      To meet these compliance regulations, privacy officers responsible for building policies typically rely on surveys and assessments to collect insights into personal data, its purpose, usage, etc. However, these methods only provide a snapshot in time of personal data processed.

      Since all companies operate in a dynamic environment — where new data is collected, processed, shared, and disposed of in a short interval of time — a static view of data is a recipe for non-compliance.

      However, identifying and capturing changes in personal data use across all business units dynamically requires overcoming the following technical challenges.

      Keeping Up with Dynamic Changes

      New cookies pop up all the time, making them very difficult to track. Web administrators and technical marketers can deploy new code, cookies, and other tracking technologies easily and quickly. At the same time, non-technical users can use simple tools such as tag managers to apply tags without editing code. The tracking process is further complicated by the fact that  some third-party cookies are shared with fourth-parties.

      In such a complex system, users’ personal and sensitive information can be processed by numerous vendors, which makes it extremely difficult for a company to track how personal data is processed.

      In addition, as new data and business processes are added, companies need to track and update their privacy notices based on changes in business strategy. For example: a retailer that starts collecting geolocation data to make suggestions for nearby stores, or an online retailer that re-purposes users’ emails — originally gathered to notify customers of their orders — to send promotional material.

      Another common change in data processing occurs when companies decide to share data with third-parties to reduce cost or provide a better customer experience.

      Keeping data privacy policies up to date with dynamically changing data processing activity is a moving target.

      Many companies, particularly large enterprises, operate in a multi-regulation environment that requires them to comply with a slew of privacy laws. As soon as new regulations are enacted, companies need to update their privacy notices or risk being out of compliance somewhere in the world.

      Case in point: when The California Privacy Rights Act (CPRA) comes into effect on January 1, 2023, companies will need to update existing privacy notices to comply with the new requirements.

      To address these challenges, consider these best practices:

      • First, monitor all tracker activity by scanning your website periodically to detect when a change is made or a script is added, and ensure that the collection of personal data is automatically tracked and disclosed via a privacy notice. Ideally, notices should be dynamic and updated as cookies, personal data, and data processing activities change.
      • Second, centralize the management of privacy policies to achieve a single-pane-of-glass view and notify privacy officers when their notices are out of date. This approach streamlines the privacy notice lifecycle by monitoring ongoing changes, and notifying administrators of any violations to privacy notices.
      • Finally, use a legal research team to provide current and in-depth guidance on hundreds of global privacy laws, and advise how changes in legislation can affect privacy policies and notices. This intelligence can be used to reduce the burden of crafting custom privacy policies and notices to address specific requirements in regulations such as GDPR and CCPA.

      Business processes are dynamic and constantly changing, making privacy policy compliance difficult to achieve using static approaches. Applying these best practices can help organizations move one step closer to staying in compliance with global regulations.

      About the Author:

      Helen Huang, Director of Product Management at Securiti, is an expert in data privacy, security, governance and compliance. 

      eWEEK EDITORS
      eWeek editors publish top thought leaders and leading experts in emerging technology across a wide variety of Enterprise B2B sectors. Our focus is providing actionable information for today’s technology decision makers.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×