Shifting Gears: Transitioning from Ad Hoc to Proactive Privacy
Imagine if every time you wanted to drive your car, you had to inspect and reinstall the seatbelts, airbags, and other equipment that helps you travel safely from Point A to Point B. You would likely feel frustrated by the delay and inconvenience.
When it comes to data, your organization may be having an analogous experience.
You’re counting on data as a vehicle for reaching an ambitious destination: better products and offerings for people around the globe. Yet you may have discovered that your company is handling privacy on a case-by-case basis, implementing it as a tactic for specific projects, such as data extraction, warehousing, and linkage. What you lack is an agile and adaptive approach you can rely on for the long haul.
Automotive manufacturers have integrated sophisticated safety systems into their vehicles. Every company has a similar opportunity: to develop a proactive and strategic approach to privacy. Creating a privacy strategy requires you to stop managing privacy tactically and reactively — and to start thinking prospectively about how to leverage privacy as a differentiator to protect individuals and promote better outcomes.
Advancing Privacy Through Inquiry
A privacy strategy empowers an organization to safely maximize the utility and value of data while minimizing the cost and time of the compliance review process. A robust privacy strategy supercharges your organization’s ability to identify and design more effective and impactful research and development programs. You’ll be better able to leverage data in game-changing artificial intelligence (AI) initiatives, improve products and offerings, and, ultimately, accelerate innovation for a better world.
In a previous article, I discussed 3 core steps to developing a robust privacy strategy. Once you’ve considered those steps, you can take the following questions back to your team to evolve your privacy strategy:
1. Do we have an effective approach for extracting, storing, and retrieving comprehensive data to be used for advanced and predictive analytics?
2. Do we have an effective approach for linking various sensitive or protected data to achieve a comprehensive view?
3. Do we have a framework that helps us identify and evolve use cases for the data?
4. Are we taking advantage of a wide array of data modalities beyond structured data, such as images, videos, voice, or unstructured text?
5. What is our readiness for addressing new and emerging laws and standards for privacy and artificial intelligence (AI)?
6. How are we managing the broad array of regulations, including state laws, Federal Trade Commission regulations, the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and AI regulations?
7. How are we governing and managing the use of AI across the organization?
Focusing on answering these first few questions will take you and your team to the next level in privacy strategy. But refer to these questions often, as they require iterative thought as industry, data, and especially AI continue to evolve. Carefully consider partnerships with data and privacy companies based on both their capabilities and their ability to respond to these points.