Armanino Blog
Article

Framing Data Privacy as a Business Issue

by Pippa Akem
June 10, 2019

Overwhelmed with all the developments in the data privacy space? Wondering how to navigate the challenges facing your organization? Have you been assigned the privacy compliance function? Not sure what those challenges are, or which ones take priority?

First things first: take a step back and realize you're not alone as you ponder the path forward for handling your privacy challenges. Second, there is no one solution that fits all, as no two organizations are the same. You can look at the known risks in your industry but that doesn't necessarily mean your organization faces those same risks. Third, understand you can't do anything without a baseline framework, and certainly not without a basic understanding of what data privacy laws aim to accomplish.

Finally, and this is so important: you can't do it alone. Like many life scenarios, there are always different angles or perspectives on what needs to be done, how it should be done, and what should be adjusted to achieve a particular outcome.

An approach to implementing data privacy

Here is a simplified plan to start shaping your organization's data privacy practices:

  1. Anchor your thinking by asking: Do we as an organization have a data strategy? What is it and what are the business drivers? To help answer these questions, bring together a small group within your organization that have privacy or data handling-related functions. Talk to them about their concerns and current practices they see as risky and want to be addressed. Remember, you don't have to assemble all the privacy and security experts in the same place. Start simple and make sure you leverage the insight from the initial information you have gathered before reaching out to other business areas. Once you complete this first step, you should have a sense of what your goals should be and how you want to reshape your organization's privacy practices.
  2. Next ask: How are we faring with our compliance obligations? Data privacy focuses on the protection and security of personal information. With the increasing complexity and sophistication of business systems and processes, and electronic data format, you cannot function as a business without collecting or processing personal information.
  3. Here's the key takeaway: You need to know how your organization manages personal data input and output, storing points, who can access the data, how long data is stored and how the data is disposed of. Finding out should expose most of your organization's privacy or data protection policies.

  4. Create a vision statement by asking: How does the organization become the organization you want it to be? You need to know the weaknesses to know what needs to be fixed, and how to fix them.

You likely understand that your work as a privacy champion or steward is evolving. Gaining a solid understanding of the privacy principles and their drivers is a helpful way to build trust within your organization and a good confidence builder. Remember, there are many resources that can support your privacy efforts and help transform your organization's data privacy strategy.

For more information on Armanino's data privacy solutions visit Risk Assurance & Advisory Privacy Services.

Stay In Touch

Sign up to stay up-to-date with the latest accounting regulations, best practices, industry news and technology insights to run your business.

Author
Resources
Related News & Insights
How Saas Companies can Leverage the Inflation Reduction Act to Boost Growth in 2023
Webinar
Increase cash runway and reinvest in your business in 2023.

October 25, 2022 | 10:00 AM - 11:00 AM PT
Accounting Best Practices for Crypto Startups
Webinar
Virtual event covering the best tax, audit and risk management methods for crypto startups.

October 20, 2022 | 10:00 AM - 11:00 AM PT
Sage Transform VIP Experience
Live Event
VIP luncheon for top finance executives attending Sage Intacct 2022.

October 12, 2022 | 09:30 AM - 10:45 AM PT