Digital transformation is on the agenda of most organizations to drive innovation in an effort to remain competitive and reduce operational costs. But this comes with its own set of challenges due to the growing complexity of IT environments and the need to comply with a growing set of industry, regional and global data protection and privacy laws and regulations.
Digital transformation initiatives are often aimed at improving customer and consumer relations, developing new business models and providing personalized products and services to improve customer experiences. This typically requires collecting, storing, accessing and analyzing personal data. In the business context, it is important for organizations to have a single, accurate and trusted version of personal data for each customer/consumer. And in context of new and emerging data-related laws and regulations, this means organizations need to know exactly what personal data they are collecting, where it is being stored, and how it is being protected to ensure that privacy rights are not violated.
At the same time, the drive to increase efficiency and lower costs has allowed businesses to begin moving much of their infrastructure, data and workloads into the cloud; as well as enabling access to enterprise data and systems from a variety of mobile devices, with mobile working likely to increase even further as 5G networks are introduced and mature.
As a result, for many organizations the challenge of data governance has become even more difficult, with most organizations being faced with keeping track of data across mobile and hybrid environments as data migrates from traditional on-premise systems, applications and stores to the cloud. Meanwhile some businesses also must accommodate legacy environments such as relational databases on mainframes.
The challenge is made even greater by continual increases in global datacenter traffic, the number of business data users and the number of new data types, as well as by regional data protection regulations, such as the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR). GDPR requires organizations to keep personal data relating to EU citizens within the EU, which means keeping track of the geographical location of this data and ensuring it does not flow out of region. The CCPA addresses similar privacy requirements for data transparency and user rights.
In this context, companies with global operations must develop a more proactive approach to manage the specific risks relating to sensitive data across multiple regions with consistency in order to scale. Thus, data privacy governance and personal data risk assessment and mitigation are top priorities.
Data protection is a fast-growing market opportunity. Many suppliers have introduced products in this space. The market leading data management firm Informatica offers Data Privacy Management, a data governance solution that is aimed at bringing together users, processes and policies across an enterprise and its partners to ensure privacy-compliant and trusted access to sensitive data. Data Privacy Management also enables the automation of key sensitive data and risk management tasks.