Data-Minding
Posted on April 6th, 2010 by Katina »Permalink
It’s been awhile since we talked here about Data Privacy (time flies when the economy’s imploding!), but Compliance Week’s piece last week on steps to better privacy compliance got us thinking again about the myriad regulations and rules that govern how companies manage personal information – and the risks involved for businesses (not to mention the customers and employees who’ve shared their personal information with those businesses) if those rules and regs aren’t followed to the letter.
On the heels of Massachusetts’s passage of new data privacy regs believed to be among the strongest in the U.S., the piece does a nice job laying out strategies for preventing data breaches in the first place.
Color us surprised (okay, just coy, really) to read among the first recommendations this one from Richard Davis of Grant Thornton, who said in a recent webcast that
-
“Compliance officers should pull in their financial and IT departments as well, to understand how they handle privacy and data security in their functions; all that can then be applied to the company’s overall risk assessment. Moving forward, he said, the internal audit department is “ideally suited to help organizations think through risk and control elements.”
Hmm. Bringing stakeholders in at the outset of a program to strategize on how to account for specific risks (in this case data security) across the enterprise? GENIUS.
Speaking of Compliance Week, we couldn’t help but notice that their homepage helpfully features (okay, with a little help from yours truly) a complimentary copy of Gartner’s recent Magic Quadrant for CCM. It’s awfully interesting reading, if we do say so ourselves.
