The adoption of cloud computing, location-based services and regulatory processes is forcing organizations to review and revise their privacy and compliance policies, according to Gartner, Inc.
In a new study, "Top Five Issues and Research Agenda, 2011 to 2012: The Privacy Officer," Gartner observes that privacy, security and compliance risks overlap. Privacy officers and enterprise decision-makers are advised to aim for what Gartner calls the "golden middle" and to take an integrated approach.
Seventy-five percent of 451 organizations that responded to the survey reported having a dedicated privacy officer, and 50 percent have a budget for privacy. Qualified survey respondents were responsible for risk management, security, business continuity, compliance and privacy processes.
The most cited technology priorities for 2011 are privacy management tools, data loss prevention and encryption, according to the report. Process-related priorities include application and database reviews, privacy training, and the drafting of privacy contracts with non-performance penalties.
Carsten Casper, research director at Gartner, expects that through 2012, privacy programs will remain underfunded due to budget pressures. Without financial support, he says privacy officers have to focus on building relationships to push initiatives through. Key players to involve include legal, lines of business, HR, IT security, operations and application development staff, as well as regulators and privacy advocates.
Putting an investment value on privacy and sensitive personal information calls for context. The privacy officer must mediate and reconcile conflicting solutions advocated by business stakeholders, IT departments and legal advisers, as explained in the report.
Instead of approaching measurement, budget, development and scope separately, information managers should come up with a privacy program that addresses different privacy elements consistently, says Casper. "The bottom line is to come up with one program for privacy."
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access