The answer is obvious. Data is arguably our most important commodity so any data must be good. Not necessarily. Let’s take a closer look but before we do ask yourself two very important questions:
What do I need to know?
What will I do with this essential information?
Let’s take a look at data that carries consequences, personally identifiable information. This is data that can be used to identify a specific individual. The definition is broad because an individual can be identified by many different pieces and types of information.
It may require a combination of data. For example, my age alone won’t identify me but it does when combined with my purchase history and address. It comes in different formats since these days audio, video and biometrics are just some of the pieces of personally identifiable data collected, processed and stored.
A fingerprint scan is a convenient method to unlock my cell phone so this data I consent to share. There is also data available in the public domain that is free to use without consent. My business telephone or email uniquely identify me but are willingly provided since this information is necessary for business operations. These are examples of personal data that is helpful.
When organizations collect and process personal information they may collect more information than they actually need. They may also share this information with 3rd parties and will likely store the information long after it has served its initial purpose. This may result in duplication, inaccuracies or excessive amounts of data that is harder to organize and analyze.
It also creates potential liability. If the data is lost, stolen or used without appropriate consent it can damage your reputation and lose your customers’s trust. These are examples of personal data that is not adding value and may even hurt your organization.
Every business needs a data strategy. It shouldn’t be complicated or overwhelming but it does need to fit your operation. Data regulations vary around the world but they all have two basic requirements. In order to get consent, we need to clearly state why we are collecting personally identifiable information and how it will be used.
What do I need to know?
What will I do with this essential information?
Two simple but powerful questions that should form the basis of your data strategy and are necessary in the journey to ensuring your organization is data privacy compliant.
If you’d like to discuss your data strategy or have comments, we look forward to hearing from you.
Leave a Reply