In today’s global information economy, your business data is the golden goose chased by cybercriminals. Given how this data has an endless life, who can ensure that it isn’t exploited for unsavory gains? Well, governments worldwide have stepped up to the plate.
The implementation of the General Data Protection Regulation (GDPR) in 2018 by the European Union (EU) opened the floodgates for this global wave of change. Such was the impact of GDPR holding businesses accountable for data protection and privacy that today, 132 out of 194 countries have put in place legislation to ensure the protection of data and privacy, as per the United Nations Conference on Trade and Development (UNCTAD).
In South Africa the President issued a Proclamation on 22 June 2020, commencing some sections of the POPI Act which came into effect on 1 July 2020, namely sections 2 to 38, 55 to 109, 111 and 114(1), (2) and (3). The POPI Act (POPIA) was signed into law in November 2013.
Wondering how this relates to compliance and, moreover, to your organization? Any business in the world, including yours, must comply with at least one data protection and privacy regulation. Whether you are a local or a global business, you must understand that ignoring this global consensus can leave your business’ future in the lurch.
Give us a few more minutes. Let us help you understand the difference between data protection and privacy, the prevalent global awakening and how it’s time for you to be smart about compliance. Let’s hit the ground running!
Data Protection Versus Privacy: Related But Not The Same
While data protection is about securing data from unauthorized access, data privacy is about how authorized access is defined – who can access the data and the ways in which he/she can manage it. Your business must understand this distinction and the fact that the existence of one doesn’t eliminate the need for the other.
While you might use the right technology to build a robust data protection posture in compliance with regulatory standards, it still might not ensure the privacy of personal data. Even authorized individuals who can access the data could exploit it. Simply put, you must deploy the right technology and the right policies to ensure every bit of data you store and process remains secure and private. It’s time to quit stalling and start moving forward with proper security and privacy standards.
A Global Awakening
UNCTAD data also shows that 66 percent of countries already have legislation on data protection and privacy, while 10 percent have drafted one, and the remaining countries are likely to follow suit. Do not ignore this global consensus on the assumption that it will not really impact your business because you do not operate outside your home country. It’s not going to be long before your state’s or country’s government decides to take the plunge itself.
Here’s just a glimpse of where a regulation is in place or will eventually be implemented:
Australia: The Privacy Act (1988)
Brazil: Protection of Personal Data Bill (2011)
Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
China: Personal Information Security Specification (2018)
The European Union (EU): General Data Protection Regulation (GDPR)
Japan: Act on the Protection of Personal Information (2007)
Kenya: Data Protection Bill (drafting in progress)
Nigeria: Data Protection Regulation (2019)
Russia: Federal Law Regarding Personal Data (2006)
Singapore: Personal Data Protection Act (2012)
South Africa: Protection of Personal Information Act (2013)
South Korea: Personal Information Protection Act (2011)
Thailand: Personal Data Protection Act
Uganda: The Data Protection and Privacy Bill (2015)
Uruguay: Law on the Protection of Personal Data and Habeas Data (2008)
Countries currently deliberating a regulation include Argentina, Chile, Ecuador, India, Malaysia, New Zealand, Switzerland, USA (a federal legislation) and more.
That’s 50 countries already! Could this phenomenon be any more global?
Be Smart. Start Now!
Compliance is smart business even if it is complex and unfair. Therefore, keeping it on the backburner is just an open invitation to trouble. How much do you value the reputation and integrity of your business? Please remember that your failure to demonstrate compliance with just one regulation standard alone can take your business straight into a dark phase of uncertainty. You can suffer losses in the form of license cancellations, hefty fine(s), damage to reputation, expensive lawsuits, and loss of business.
Let A Trusted Partner Help You
It takes special skills and tools to look ‘under the skin’ of your network to ensure it is both secure and compliant. It helps to have a trusted partner that has managed both cybersecurity and compliance for businesses before. You will sleep better at night knowing your data is protected in exactly the manner regulations require.
You are just one step away from assessing your compliance needs and addressing them. Write to us today. Let’s talk compliance!
Article curated and used by permission.