European organizations are being urged to use today’s ninth annual Data Protection Day as an incentive to step up preparations for major new EU privacy laws coming down the road.
The date was created to raise awareness about data protection issues as it falls on the anniversary of the opening for signature of the Council of Europe's Convention 108 – a cornerstone of international privacy laws.
It’s named Data Privacy Day in the US.
However, with the EU General Data Protection Regulation (GDPR) approaching the latter stages of negotiations between member states, organizations across Europe are being told to get ready for the potentially onerous new obligations.
“Strong, effective data protection and the responsible, transparent use and retention of data are the hallmark of an ethical organization,” said Sue Trombley, managing director of Professional Services at Iron Mountain.
“It is an approach that can inspire customer trust just as much as a data breach can destroy it. The equation is simple: trust builds loyalty and loyalty drives sales. Organizations have much to gain from taking action now before the law obliges them to do so.”
The firm has released a report detailing the opportunities to plan and manage the impact of legal change.
Privacy has certainly become a major issue in the minds of consumers. In fact, almost half (45%) of Brits believe it’s more important than national security, according to the TRUSTe 2015 GB Consumer Confidence Privacy Index.
The data privacy management firm interviewed around 1,000 British netizens to compile its research, which also revealed that 92% are concerned about their online privacy and one third are more concerned than they were a year ago.
Of most concern to respondents was the possibility of firms collecting personal data and sharing it with other companies (48%).
However, security firm Egress claimed that a recent FoI request to privacy watchdog the Information Commissioner’s Office (ICO) revealed the vast majority of data breaches (93%) occur as a result of human error.
“Businesses must start looking closer to home if they want to prevent data breaches. Mistakes such as losing an unencrypted device in the post or sending an email to the wrong person are crippling organizations,” argued CEO Tony Pepper.
“In fact, our ICO FoI data shows that a total £5.1m has been issued for mistakes made when handling sensitive information, whereas to date no fines have been levied due to technical failings exposing confidential data.”
It’s not just in the UK and Europe where data protection is becoming a major talking point. Stats from the Identity Theft Resource Center earlier this month revealed that reported data breaches hit 783 in 2014, growing by a whopping 27.5% over the previous 12 months.