How to take care of Data Protection as you enter the digital transformation
- Aug 28, 2019
- 39 views
Starting the digital transformation process in a company goes far beyond just sticking to technology in processes. It is rethinking your business. And among the challenges faced on this journey, regulations and concerns about privacy and cybersecurity can be major barriers to progress in digitization projects.
According to IDC's study last November, the global data sphere - comprising the key locations where digital content is created and trafficked (data centers, mobile phone towers, PCs and IoT devices) - will grow from 33 zettabytes in 2018 to 175 zettabytes by 2025. To get an idea of the proportion of this volume, consider that one zettabyte equals one trillion gigabytes.
In this scenario, the CIO is the protagonist in supporting a corporation's data protection. It is important to consider company culture and employee awareness in storing and using data, and ensuring that privacy concepts are taken into account from the outset of projects.
In addition to precautions with application performance; precautions to prevent information leakage and intrusion prevention on company systems, this professional should now also ensure that information is handled in accordance with the assumptions set forth in the General Data Protection Act (LGPD).
Sanctioned in August 2018, the new law will come into force in August 2020. This will be the deadline for public and private sector companies to adapt to the new regulation and the heavy burden of requirements brought by the standard.
With LGPD, the company is responsible for storing and using all personal and sensitive information of each individual with whom it relates. From the moment the company captures and stores any of these data, it is susceptible to the consequences of its misuse.
New responsibilities include: creating processes to address the data subject's rights; manage the various personal databases that may be scattered in various locations, systems and databases, and administer the consent of the holders, when necessary, for the processing of personal data in their custody.
This increases the maturity of information governance, which can generate greater efficiency in the management and use of this data. In this sense, the necessary adaptations to the new law can contribute for companies to have more robust corporate processes and, consequently, to be more productive. Anyone looking at this side will surely be able to derive more benefit from adaptation processes.