The ease of digitally storing and monetizing personal information has now run up against the rights of consumers to access and in some sense, reclaim ownership of that data,”

via Data Governance: How to Tackle 3 Key Issues – BankInfoSecurity

Shift in Concept of Privacy

Privacy requirements have changed dramatically as a result of GDPR and CCPA, says Rafael Moscatel, managing director at Compliance and Privacy Partners, a California-based consultancy.

“The ease of digitally storing and monetizing personal information has now run up against the rights of consumers to access and in some sense, reclaim ownership of that data,” he says. “That’s a paradigm shift that introduces a number of logistical burdens that some organizations, even relatively new ones, are not prepared to deal with.”

Moscatel says organizations need to identify and adopt appropriate privacy best practices.

“A solution needs to be proportional to an organization’s true risk, and while it must meet certain standards, your compliance professionals, data fulfilment service teams and IT support must be able to work with each other and speak the same language. It’s not as simple as throwing together a data map,” he says. “It’s not just collecting the metadata; it’s understanding the relation of the attributes not simply from a database perspective but from an ethical one.