A few thoughts as I prepare to meet and network with fellow privacy professionals and others committed to privacy and data protection at the IAPP Global Privacy Summit in Washington DC.
Digital Transformation is a Challenge to Privacy Professionals
Digital transformation goes far beyond the all too familiar expression – “we’re going to the cloud.” Digital transformation enables organizations to create entirely new business processes reflecting the way their business operates today, with the flexibility and tools to adapt to future needs. For some organizations, this meant shifting from clipboards to spreadsheets, spreadsheets to automated data collection, and even automated data collection to real-time location and identity services. While going to the cloud promises to reduce on-prem data center operations costs and enable rapid application deployments, it challenges data privacy professionals, including controlling access and sharing the data now readily available while complying with the requirements and obligations to secure and use the data.
It’s Always a Balancing Game: Value vs. Risk
These competing priorities to use the data safely while protecting it continue to bog down organizations. On one hand, data holds tremendous value to companies. Without data, there can be no digital transformation to help organizations innovate and leapfrog competitors. The many benefits to collecting and sharing data include improving technology offerings, learning material for artificial intelligence programs, and advancements in medical science. On the other hand, privacy protection, which is even more important to companies today, has slowed or even halted using data due to hefty costs and privacy breach risks. And, putting this sensitive data in off-prem cloud environments has only exacerbated the digital transformation process with sensitive data being stored and used away from the data controller.
The data privacy officer’s role requires balancing these risks, meeting privacy regulations like HIPAA and GDPR, and creating standards around data privacy as their company collects, shares, and uses data while simultaneously accelerating the benefits from digital transformation. As a first step, many data privacy officers start by locking down their data which protects the data, but makes it hard to access, share, and use. While not the data privacy officers intention to slow down digital transformation, it has often hindered, not to mention frustrated data consumers like marketing organizations, analysts, and data scientists who can no longer access their required information.
Traditional Data Anonymization Techniques are Neither Secure nor Accurate
To overcome data privacy requirements, organizations introduced obfuscation and anonymization tools. However, tools like differential privacy, hashing, tokenization, homomorphic encryption dilute the data, preventing accurate results, lack sufficient security, eliminate data flexibility or slow down performance making them impractical. As a result, data users can’t apply the data available to them which means organizations miss out on data-driven decision making and waste resources. Thus, failing to realize the digital transformation promise.
What Needs to be Done to Solve the Privacy Professional’s Problem?
It is possible for privacy professionals to be the hero – accelerating digital transformations while simultaneously creating safe access to usable data.
Anonomatic introduced PII Vault™, a new approach that allows de-identified data to be used as if it were fully identified. This patent-pending technology enables organizations to safely ingest, use, and share data while meeting privacy compliance obligations. Anonomatic PII vault strips all personally identifiable information (PII), also known as identified or personal data, at the very beginning of the data ingestion pipeline. Now, data engineers can replace traditional data anonymization approaches with PII Vault to get 100% accurate data quality and results including:
- Sharing data to cloud environments without identified data and PII ever passing your firewall
- Merging and matching disparate datasets
- Using private data in lower and non-production environments
- Operationalizing identified data while solving PII compliance requirements.
I’m really looking forward to meeting other privacy professionals at the IAPP Global Privacy Summit in Washington DC on April 6-8th, especially to learn more about your organizations privacy challenges.
If you would like to explore how Anonomatic can accelerate and help you realize the digital transformation promise, please contact me at neil@anonomatic.com to meet at a time best for you or schedule a meeting now: https://calendly.com/neil-anonomatic.