Tuesday, January 19, 2021

Cyber Security | Data Security & Privacy

Data Security & Privacy

The exponential evolution of a global information economy, driven by new technologies and disruptive business models, means that an ever-increasing amount of personal data is being collected, used, exchanged, analyzed, retained, and sometimes used for commercial purposes. It also means there is an ever-increasing number of accidental or intentional data breaches, incorrect or lost data records, data theft, data manipulations and data misuse incidents.

Data privacy is one part of data protection. It concerns how data handling is controlled and whether that handling complies with data protection regulation.

Data Privacy includes compliance with data protection laws and regulations.

Data security, on the other hand, comprises the standards, safeguards and measures that an organization takes to prevent third parties from gaining unauthorized access to digital data, and to prevent any intentional or unintentional alteration, deletion or disclosure of data. It emphasizes protecting data from malicious attacks and preventing the exploitation of stolen or breached data.

Data Security includes access control, encryption, network security, etc.

Regulatory frameworks such as GDPR, HIPAA, GLBA, or CCPA apply.

The General Data Protection Regulation (GDPR) marked the first thoughtful attempt to control the extreme exploitation of personal data and to fine both data processors and data controllers appropriately. GDPR is not the first privacy law, but several data privacy laws before it were outdated, given that both technology and the way we transfer and share our data have transformed greatly in just a few years.

Every individual should be aware of what data is being collected from them, online or offline, why it is collected, for how long it will be used, and with whom it will be shared. Always read the terms and conditions before sharing your personal data.

Did you know that health data is considered the most sensitive form of personal data and is accorded the highest level of privacy protection? Consent itself is the primary legal safeguard used to protect against privacy violations. At the same time, consent gives absolute power to the data controller. In the event of a breach, the data controller will not always be liable.

So in the modern world, consent sometimes fails to safeguard privacy because service providers' databases are interconnected in this digital age.

Conduct a Privacy Impact Assessment (PIA) to determine how and where data is stored, backed up, and disposed of, what data security measures are taken into consideration, and where systems may be vulnerable to a data privacy breach.

Adopt security measures aligned with the privacy regulation, such as:

  • Data Loss Prevention (DLP)
  • Data Masking
  • Data protection
  • User rights management
  • Privileged user access management
  • PIA and other audit assessments

#cybersecurity #dataprivacy #privacy 3.0

-DR
