Upcoming changes to privacy regulation in the EU as well as rising business awareness that effective data privacy means competitive differentiation in the market makes privacy a business priority today. And this is not only relevant for tech giants: protecting both customer and employee privacy is a business priority for companies of all sizes and across industries.
But where do you start? Many companies start by hiring a chief privacy officer. Some have built brand-new privacy teams that manage privacy for the whole firm, while others prefer a decentralized model where responsibilities are shared across teams. What are the pros and cons of each approach? Which organizational structure would better meet the needs of your firm?
And when your privacy organization is in place, how do you establish smooth collaboration with other teams like marketing and digital, for example? Too often we hear that privacy teams do not have the visibility that they need into the data-driven initiatives happening within the company. When this happens, privacy organizations are less effective and the business risks failing its customers, undermining their expectation for privacy.
The recent Computers, Privacy & Data Protection Conference (CPDP) showcased a series of innovative projects that are based on big data. Big data is one of the four imperatives that shape the age of the customer — one of Forrester’s main focus areas — and the changing regulatory framework of data protection in Europe has big implications for big data initiatives.
Central to data protection is the existing EU Data Protection Directive, which legislators have been trying to update for years to reflect the changing online realities. The proposed Data Protection Regulation focuses on a redefinition of the concept of “consent.” User consent now has to be freely given, specific, informed, and explicit.
This new definition forces businesses to be more transparent about how they gather, use, disclose, and manage customer data in the form of the principles of privacy notice and purpose limitation. Complying with these new privacy principles is a challenge in the age of the customer, as privacy regulation affects: