Considerations for Businesses Re: Data Governance and Privacy

Many of our recent blogs have centered around data security and privacy measures that are being implemented by government actors. While it is important that your business review and adhere to the legislative changes and best practices, there are many steps your organization could take to voluntarily bolster your privacy and data governance policies including:

• Conducting an in-depth review of the information your organization currently receives and stores from consumers, outlining the amount of consumer information typically collected, the type of information retained and the sensitivity of that information, as well as the third-parties who received such information in the past;

• Voluntarily establishing mechanisms so that consumers are permitted to consent to the retention and sharing of their personal data and information or opt-out from your established company  policy of doing so; and

• Reviewing your data processing agreement with software providers to ensure that the consumer data your organization receives and stores is maintained in a manner giving you full accessibility so that you can easily access, delete, edit, or transmit the data at the consumer’s request.

Although organizations may be hesitant to voluntarily enact policy changes, there are many benefits to engaging in these practices without threat of enforcement action. In fact, in a 2021 study by Data Privacy Manager reported that 73% of customers say that “trust in companies matters more than it did a year ago.” Accordingly, the voluntary nature of these changes could enhance your consumers' experiences and increase the value of your organization in the market.