Businessman working from home on laptop showing privacy management when hybrid and remote working

Data Privacy in 2022: Protecting Data During the Age of Hybrid and Remote

Data privacy best practices for safeguarding information have evolved and changed rapidly over the course of the pandemic. Many can agree that privacy in 2022 is different than privacy in 2019; a recent study reveals that more than half of workers (62%) 22-65 years of age engage in remote work at least occasionally, and globally, 16% of companies are fully remote. A twofold condition: we’ve experienced increased flexibility as well as increased data privacy risk brought on by novel working situations.

COVID-19, recent data challenges

As we reflect over the past two years—many may think of their personal experiences adjusting to the “new normal” whether they were settling into work-from-home situations, supporting children as schools shifted from remote to in-person and back again, or investing in N95s to wear to the grocery store. What many may not think about are the steps global organizations had to take—or are taking—to safeguard privacy data and ensure trustworthy data sharing practices as corporations across the world brace for toughened or new data protection regulations. The challenges of remote and hybrid situations are complex and wide-ranging, as these situations have led to increased opportunities for bad actors to attack and breach data privacy and security.

Building organizational privacy trust

Data privacy is a business imperative for global organizations wanting to earn and sustain their customers’ trust. It’s no secret that the global community is working hard towards this objective, as demonstrated by an increasing number of data privacy regulations, leading to the need for a solid technology backup for an effective enforcement and control. The everchanging landscape is motivation for business as a group to align technology towards a safer earth, where global citizens can have their data privacy safeguarded.

Steps to protect information privacy on a corporate leadership level

As we continue to navigate the unpredictability, it’s important to prepare and devise solutions and actions your organization can take to ensure you are strong during times of increased data vulnerability. Businesses can consider:

  • Establishing data privacy as a centralized and an enterprise-wide program. This program must be defined, implemented, and governed by a dedicated data privacy committee—that has representatives from all key organizational functions. Further, organizations can define a formal role of data privacy / data protection officer, which reports to CEO directly. For such data privacy program to be effective truly, it must have a buy-in from CEO and C-suite executives.
  • Leveraging data privacy related technologies to enable privacy-safe data access and provisioning, such as sensitive data attribute discovery, static data masking, dynamic data masking, data redaction and data pseudonymization. Further, organizations can explore a strategic, policy-based, and product-driven approach to enable data privacy.
  • Creating a robust metadata management function within the enterprise. This will help establish a “golden repository” of all key organizational entities such as business units, unit owners, business applications, data centers, data sources, business data attributes, among others and inter-relationships between such metadata entities.
  • Retaining and assessing important data (a huge volume of an organization’s data resides in its archives and historical data repositories) when defining data privacy practices. While such data may get accessed only intermittently, it should still be accessed in a privacy-safe manner. Specifically, organizations must have systematic processes to purge unnecessary historical data, in a policy-driven manner.
  • And should, take privacy-precautions when handling health data of citizens. The pandemic has put a conspicuous spotlight on the need of privacy of health—not only healthcare, life sciences and pharmaceutical companies which are already required traditionally to safeguard the privacy of sensitive medical and clinical trial-related information—but any organization that tracks medical, vaccination related information of its employees should take preventative measures.
  • Speaking more actively about their data privacy practices to their customers. This could improve customers’ trust on organization’s way of handling their data. In turn, organizations can gain more business from their customers, through cross sell and up sell. Data Privacy is increasingly being looked up as an agent of growth of business, rather than being looked down as a cause of cost.
  • The fact that data privacy measures will be required even beyond the pandemic. Organizations will be required to ensure privacy of data of its stakeholders (citizens, employees, vendors, partners, etc.) at the time of sharing, access, and usage.
Privacy in 2022 is different than privacy in 2019. With #remotework, we've increased flexibility as well as increased data #privacy risk brought on by novel working situations. #respectdataClick to Tweet

Planning ahead

In 2022, we encourage you to assess your corporation’s plan for data privacy management. Are you doing everything you can to educate your employees about safe data sharing practices, and do you have the best infrastructure to mitigate data privacy risk and thwart future attacks? Remote working isn’t going away anytime soon—and it is our job to stay ahead of the curve and be prepared with the tools and plans to ensure our data stays privacy safe and secure.

 

Global Product Head – TCS MasterCraft DataPlus at Tata Consultancy Services