Larry Ponemon, How Global Organizations Approach the Challenge of Protecting Personal Data
Comment by: Ken Anderson
Workshop draft abstract:
Public and private sector organizations need to understand how cultural and regulatory issues in various countries affect their ability to achieve privacy and data security goals. Dr. Ponemon, chairman and founder of Ponemon Institute will discuss the challenges of creating a global privacy and data protection strategy for business concerns.
In this session, the speaker will share their real world experiences, successes, failures and lessons learned. An integral part of the discussion will be the findings of the “Global Data Privacy & Protection Survey” conducted by Accenture Ponemon Institute. This is the first truly “global” study that attempts to compare and contrast how individuals in different nations view or deal with privacy and data protection challenges.
The Survey asked more than 5,500 business and IT practitioners in 19 countries to respond to the following issues:
- Consumer privacy rights vs. organizational control over citizens’ information
- Organizations’ obligations to secure personal information
- Government regulations for privacy and data protection
- Organization vs. consumer ownership of personal information
- Importance of safeguarding children’s personal information
- Awareness about data breaches
- Limitations on the collection and sharing of individuals’ sensitive information
- Protection of citizens’ privacy rights
- Protection of cross-border data transfers
- Disclosure of privacy practices and obtaining citizens’ consent
- Sharing consumers’ information with the government
- Openness to identity management tools such as biometrics
What the research determined is that there is not one universal or shared global perspective about the protection of personal information, consumer privacy rights and the need for strict data security safeguards. Rather, perceptions about privacy and the safeguarding of personal information vary significantly by national or regional cultures. The challenge for organizations is creating a strategy that addresses cultural and regulatory differences yet is effective in keeping sensitive data secure. The overall objective will be to provide guidance on how to implement a data security strategy that enhances and not hinders the organization’s ability to operate globally.