“With privacy regulations brewing across the globe and consumers becoming more knowledgeable than ever about their privacy rights – can we now assume our personal data is now more secure than ever? Can organizations claim compliance with privacy regulations for all personal or regulatory protected data?
You cannot protect what you can’t find. A solid up-to-date inventory of all personal data is the first and most crucial step in complying with privacy regulations. The inventory must encompass data types, consent levels, usage, risks and how they map to regulations and standards. The end result paves the way to documenting the necessary policies and procedures that are also critical to ensure compliance.
Security by design simply means we implement the necessary controls to mitigate risk in everything that we do. Ranging from a server build to a cloud deployment – all steps must include security implementations to ensure continuous compliance and ongoing protection.
We must exercise due diligence in our efforts to protect what’s important and continuously comply with laws and regulations. Continuous visibility into personal data across its lifecycle is a critical first step to ensure compliance. Treating all types or personal data the same as it relates to risk mitigation, controls implementation and consent.”
– Fouad Khalil