Data Privacy Rules are Multiplying, Clean Out Your Data Closet

Businesses, especially those in highly regulated sectors and those that operate in multiple countries face a growing number of data privacy regulations. The rules governing how data should be stored, used, and shared can be overwhelming for resource-strapped cybersecurity and risk management departments. Since 2018, when the EU’s General Data Protection Regulation (GDPR) went into effect, such regulations have constantly increased. Of the 50 U.S. states, 35 have at least considered data privacy regulation, and California’s CCPA is set to become stricter. The compliance challenge continues to grow with the rise of digital business. “As of 2020, there were 4.2 zettabytes of data stored per year globally,” said International Data Corporation’s Ryan O’Leary. As a result, organizations need to take steps to better manage their compliance operations: knowing which laws apply to the organization, what its risk appetite is, how it can create a comprehensive compliance program, and how it can build multi-functional teams that include legal expertise. In addition, says O’Leary, “You need to clean out your data closet. You need to know as best you can where everything is and who is accessing it and using it.”