About Us |
Contact Us |
LexisNexis Business Solutions
March 15 is World Consumer Rights Day, and this year’s theme is ‘Trust in Smart Devices.’ Innumerable devices populate the digital landscape—from wristbands that track every step taken to smartphones that instantly connect users with family, friends and brands. And with every connection, data is generated and collected. But being entrusted with private data demands a proactive risk management strategy.
Why data privacy should be part of your risk mitigation program
Consider the cost of data breaches.
Each year, the Ponemon Institute conducts benchmark research into the cost of data breaches. This year's edition—lucky number 13, if you’re counting—saw increases in both the global average cost of a data breach and the average cost for each lost or stolen record containing sensitive information.
Sure, $148 doesn’t sound like a big deal, but when you look at notable data breaches in 2018, the potential financial risk becomes crystal clear. Take the hacking of Marriott Starwood Hotels reservation database, which exposed personal information including passport numbers and credit card details for 5 million customers. That’s a hefty $740 million price tag. According to Digital Information World, other notable data breaches of 2018 included:
Financial risk related to data breaches isn’t only tied to the size of the breach, either. In terms of volume, the Facebook and Cambridge Analytica data breaches weren’t the largest, but the loss of trust by consumers and investors came at a high price.
In May 2018, enforcement of the European Union’s long-anticipated General Data Protection Rules (GDPR) came into effect. Companies don’t need to have operations in the EU to be subject to GDPR. Large or small, multinational or regional—if your company has a website that can be visited by EU citizens, then GDPR is definitely a potential compliance risk. We’ve created a quick factsheet on GDPR for details.
The U.S. does not currently have an equivalent, comprehensive federal law regulating data privacy and security, however there are a number of sector-focused laws that address consumer data.
And since the Facebook/Cambridge Analytica brouhaha caught the attention of U.S. legislators, it’s not a stretch to think that Congress will eventually tackle the issue of data privacy and security on a national level.
Why not establish a robust process for ensuring the privacy and security of data now? It may not keep determined hackers at bay, but it will go a long way towards reducing your risk exposure and building trust with customers, investors and regulators alike. Isn’t that the best way to celebrate World Consumer Rights Day anyhow?
3 Steps to Take Now