New Survey Signals Need for Smoother Implementation of Data Governance Technologies and Processes

Spirion, a pioneer in data protection today announced the release of Deliver Effective Sensitive Data Protection with 3 Must-Have Standards, in collaboration with 451 Research, part of S&P Global Market Intelligence. Commissioned by Spirion, the report summarizes real-world feedback from 375 enterprise security professionals about their data privacy program’s organizational dynamics and the critical technological capabilities they rely on to support privacy programs amid increasingly complex regulations.

451 Research completed the survey in January 2021. The survey was designed to understand the technological and workflow practices, pain points, and limitations related to data privacy functions, such as data discovery, data classification, and data remediation.

The survey results reveal that 74% of organizations currently struggle to implement data usage and access policies—necessary for data privacy—without hampering business user productivity. Privacy-Grade data protection, through a combination of technologies and techniques, can effectively close the gap to ensure personal data protections are persistently enforced across the enterprise. It does so by providing the ability to detect and discover potentially vulnerable data, mechanisms for meaningful classification of data, and remediation capabilities that work in near real-time, allowing employees to securely access information with minimal friction.

Marketing Technology News: Why Brands Need to Embrace the Privacy-First Cookieless Future

“Privacy-Grade data protection augments the human and process-oriented elements of an organization’s data privacy effort to support workflows and management of responsibilities.”

“An organization’s ability to identify, retrieve, and remediate data associated with a particular individual or data subject are all quantifiable measures that are directly correlated with data privacy program efficacy and success,” said Paige Bartley, Senior Analyst for the Data, AI and Analytics channel at 451 Research, part of S&P Global Market Intelligence. “While less direct, the general efficiency of data-consuming individuals within the organization can indicate whether a privacy program is well-aligned with the organization’s overarching business objectives. Data can both be protected and used appropriately, but doing so requires the careful orchestration of people, processes, and supporting technology.”

“Responsibilities for data privacy practices are frequently spread across roles and departments, highlighting the need for a methodology that spans business functions,” said Jen Holtvluwer, Chief Marketing Officer at Spirion. “Privacy-Grade data protection embraces this reality by persistently protecting data in motion as soon as it is defined as personal. It also augments the human and process-oriented elements of an organization’s data privacy effort to support workflows and management of responsibilities.”

One of the more significant findings of the study is the fact that organizations with privacy programs spanning multiple regional regulations are better equipped to meet external Data Subject Access Requests (DSAR) deadlines while also supporting the data access requirements of internal line-of-business users without hindering their productivity. This finding suggests that strong data privacy programs likely increase overall awareness of data resources within the organization, contributing to better governance and outcomes across multiple data-driven initiatives.

• Data privacy programs today have significant variations in their leadership and methodology.
• For organizations with a multi-regulation privacy program, 53% report data privacy as a function of security.
• Dedicated technology is common, with 82% of respondents reporting their organization uses a data privacy software or suite: defined as a technology primarily dedicated to helping organizations coordinate responsibilities and meet requirements related to data privacy.
• The top-reported benefits to using automation in data privacy are higher confidence in compliance capabilities (38%), improved time efficiency (36%), and the ability to protect more data (35%).
• Organizations that do not have a multi-regulation privacy program report much longer average times to retrieve data. Overall, 28% of organizations take “several days” or longer to retrieve data.