Building your brand: Navigating the alphabet soup of data protection regulations

Alphabet soup: that’s what it is. A real alphabet soup. The GDPR, CCPA, HIPAA, COPPA, GLBA, and LGPD. All of these letters represent laws. Laws here, there, and everywhere.

Laws in Europe. Laws in the U.S. Laws in Brazil. Laws about cybersecurity. Laws about privacy. Why is there an explosion of these laws recently? More importantly, how do organizations comply with them all?

IT Governance is here to help. We’ve created this series of blogs to help people who process personal data understand and comply with these laws.

But it’s about more than just legal compliance. Laws are a reflection of what your customers want. They provide solutions to common problems, and give you the opportunity to demonstrate your commitment to the security and privacy of your customers.

Cybersecurity and privacy

All these laws are designed to address two essential issues: cybersecurity and privacy.

The bigger problem is arguably cybersecurity, because the associated costs are staggering. In 2018, cyber criminals cost the global economy $2.9 million every minute, with losses totaling $1.5 trillion.

Along with reputational damage, one of the main costs of poor data privacy compliance are fines. One notable case example is Facebook’s $5 billion fine for violations of a U.S. law that required the social media giant to be more transparent in what it does with users’ personal information.

Meanwhile, Europe is catching up with this regulatory clout thanks to the GDPR (General Data Protection Regulation), which gives supervisory authorities the power to issue fines of up to €20 million (about $22 million) or 4% of annual global turnover.

But neither criminal hackers nor regulators are the principal reason for implementing robust cybersecurity and privacy measures. The most important reason is that your customers expect it.

Building trust with your customers

According to a survey by consumer rating company Consumer Reports, 65% of Americans said that they were slightly or not at all confident that their personal information is private.

Meanwhile, an nCipher Security survey found that 49% of respondents said they would lose trust in their bank if it didn’t adequately protect their data.

Similarly, 53% said they wouldn’t trust digital payments if their bank didn’t notify them of a hack within 24 hours.

What does all this mean? It proves that there are real-world, everyday business effects of poor cybersecurity and data privacy habits. They aren’t just things that are nice to have. They aren’t things that you must address simply to avoid fines. They are essential parts of modern business if your organization is to thrive.

In a world where stories of personal data breaches happen daily, you can gain a competitive advantage by proving your commitment to protecting customers’ information.

IT Governance can help you achieve this. We’ve worked with thousands of organizations to help them better secure their systems, meet regulatory requirements, comply with data protection frameworks, and keep their customers happy

Over the next few weeks we’ll explain some of the ways we can help you.