Q14. What Can I Do to Limit My Data Liability?

Data drives the modern economy. By its very importance, it has become a target for hackers and bad actors. Whether it resides on third-party cloud servers or locally, the risks are significant and potentially disastrous. Data security, or lack thereof, poses a direct risk to consumer privacy, as it subverts the purpose for which personal information was disclosed and subjects the consumer to loss of privacy, financial harm, falling victim to scams, and other potential negative consequences.

Whether you are planning new data security policies or revising old ones, consider how to minimize your data liability. Though not practical for every situation, the best way to limit your data liability is not to collect the data in the first place (i.e., data minimization). As a simple example, in our data-driven world, users are frequently asked to provide personal information. Accessing a report might require giving out a name and an e-mail address or creating an account. That data might be useful to you for creating a mailing list, but the privacy implications are increasingly driving users to keep extra e-mail accounts as spam filters so that they can get the information they want without being bothered by newsletters.

A key question you should ask is whether collecting that information is truly necessary. The easiest way to ensure that your company does not suffer a data breach is to have no data to breach. By minimizing the information you collect, you make your systems less attractive to hackers. Also, how long do you need to retain data once it has been collected? Don’t retain data any longer than necessary.

When you must collect and retain data, make sure you secure it properly. Follow best security practices; encrypt information where possible. Homomorphic encryption is a means of protecting data cryptographically while still allowing certain calculations to be performed on it. You should also consider technological innovations in achieving data processing objectives while minimizing your data liability. For example, businesses today may utilize edge computing architecture to process data at the device level, instead of transferring the data to a central cloud server for processing. Through distributed data processing, businesses may be able to enact a higher level of anonymization and data protection yet achieve their business objectives.

Leave a Reply

Your email address will not be published. Required fields are marked *