With Great Data Comes Great Responsibility
Share and Follow

Data privacy is the next big thing for companies to address—and they need to do it now.

Companies of all sizes constantly face the challenge of adapting to new business needs.

First, it was all about becoming digital.

Then, it was driving digital transformation.

Now, it’s data.

At scale. At speed.

According to a study published by IDC in May 2022, the amount of new data created, captured, replicated, and consumed is expected to double in size by 2026.1 That’s on top of the fact that in 2021, Statista estimated the world produced 79 zettabytes of data—meaning in every hour that passed in 2021, the world made more bytes of data than grains of sand on Earth.

For many companies, the rising question in board rooms and the C-suite isn’t how to get the data; it’s how to protect it. Across industries, data leaders and decision makers are struggling with the same three challenges: customers increasing awareness of how their data is used, an increasing number of regulations to follow, and a lack of people with the data skills needed to keep their company in compliance.

Wendy Batchelder at the 2022 Forbes CIO Next Summit in New York City.

Challenge: Increasing consumer awareness

Consumer awareness of how their data is collected, stored, and used when interacting with a company has risen in the last several years. There’s an increasing understanding of cookies and apps asking to track our activity across other apps. As much as customers appreciate personalization, they don’t want to compromise their sense of privacy. In fact, among consumers surveyed in a 2021 KPMG study on corporate data responsibility, 30% said there are no circumstances under which they’d share their data with businesses, and around 75% of the consumers said they wanted greater transparency about how their data is used.

There’s also a rising number of incidents where companies step over the line. In 2021, there were 1,862 data breaches, an increase of 754 over the previous year and 356 over the previous record. All totaled, nearly 294 million people were impacted, with over 18.5 million records exposed.

What does this awareness mean? According to a 2022 McKinsey study, customers now make buying decisions based on how companies protect their data. Security of their information is becoming just as important as price and quality, and if they don’t trust a company to protect their data, they won’t give them their business.

Challenge: Increase in regulations and oversight at all levels

Regulations on data privacy have also increased in the last decade. Two of the largest and more recent regulations that companies must follow happened within the last four years: the General Data Protection Regulation in the EU and the California Consumer Privacy Act in the U.S. We’re also seeing states like Colorado, Connecticut, Utah, and Virginia release additional regulations. And for the first time in over 10 years, Congress is seriously considering a federal privacy law through the American Data Privacy and Protection Act.

These regulations are necessary, but it certainly makes data professionals’ jobs much harder. We have to strictly ensure that our companies are compliant with multiple jurisdictions and prove to our customers that we’re doing what we need to do to protect information. Navigating the differences is tricky and will only become harder.

What’s more, as the topic of data privacy becomes more prominent, so do the consequences. In October 2022, the Federal Trade Commission (FTC) in the U.S. leveled sanctions against the CEO of Drizly over a data breach that exposed millions of customers’ personal information. Under the proposed order, Drizly’s CEO will be accountable for specific security standards, not only at Drizly but at any company he leads in the future. The FTC hopes this action emphasizes the rising importance of data security.

Challenge: Gap in data skills

Even if a company is complying with regulations and adapting to their customers’ increasing awareness of data use, there remains a stark gap between the data skills needed and the number of individuals with those skills.

We’ll have twice as much data in 2026—but we’re not going to have twice the number of people working in data fields by 2026. In fact, Forrester Consulting found in research commissioned by Tableau in March 2022 that while close to 70% of employees are expected to use data heavily in their job by 2025, only 39% of organizations make data training available to all employees.2 The lack of people currently in the field, combined with a lack of upskilling or training, means the demand for data experts will only continue to exceed the supply unless companies take active steps to train more people.

What needs to be done now

These challenges aren’t going away. As a data leader, I feel the pain of others who want to put more controls around their data and genuinely earn their customers’ trust. There are several things you can do to help you enact the right levels of governance:

  1. Treat your data like it’s your own—because it is. It’s your data, your children’s data, and your neighbors’ data.
  2. Use technologies like data cataloging to progress at the pace of regulation. No company can hero its way through this, but leveraging tech will make it easier to scale.
  3. Invest in data training for your employees. Top-level leadership and strategy must ensure that data training is relevant and effective for everyone from new hires to experienced workers across all departments and roles. This also can help alleviate finding the specific data skills that organizations need through training instead of hiring.
  4. Keep it simple. It may sound like common sense, but when it comes to data privacy, it’s easier to be complicated than to be simple. Where is your data? Who can access it? Who needs to access it? Start with those questions, and build from there.

Even if you don’t have the means to tackle every challenge, putting controls around your data now means you’ll understand your exposures and risks as you grow.

Many companies are lucky because they know they need to change, clean, or even create their data privacy policies—and they still have time to do it. But every day companies wait to do that, it becomes exponentially harder to put that governance in place.

SECURE AND GOVERN YOUR DATA WITH TABLEAU

Tableau Data Management offers data preparation and cataloging, making it easier to discover, understand, connect, and trust your data.

Data Privacy and Data Ethics: Know the Difference

It’s important to acknowledge that data privacy and data ethics are two distinct topics. Data privacy involves protecting your data and your customers’ data appropriately. It means you know where the data is, how it should be classified, and what controls need to be applied so those who need it can use it and those who don’t can’t access it. It also means you’re following all regulatory rules regarding that data—whether that’s at the company, state, or federal level. Data ethics, on the other hand, involves how you’re using data to make decisions which is something every company has to define for itself.

Share and Follow