The
Grid.
CONFERENCE OF CREATIVES
INFOGRAPHICS
A collection of infographics to help you understand various processes and steps around data and information governance in a simplified way.
One simple but effective way to think about metrics is to group them into strategic, tactical, and operational bins.
Strategic metrics are high-level metrics that are used to evaluate progress toward a specific long-term goal.
Operational metrics provide the ability to track specific processes and operational activities.
Tactical metrics provide more in-depth analysis and are suitable for detailed analysis of the program’s performance. Read More
Governance Metrics
Data minimization is the practice of limiting the collection of personal information to what is needed for the intended purpose.
Embracing data minimization, as one of the most important tools in the toolbox for privacy, shows an organization’s commitment to privacy. Furthermore, deleting obsolete data on a regular basis will ensure the availability of current and accurate data for analytics. Read More
Data Minimization
An extensive Data Map provides an understanding of what data is created, how it is classified, where it is stored, and its transmission within and outside the organization.
Different stakeholders and teams within an organization can easily see and understand how their data is used with our data maps.
A robust Data Map can help:
a. Maintain a data inventory
b. Assess the risk/damage to data
c. Identify affected data
d. Bounce back quickly after an attack or breach
Data Maps
Data breaches and abuses are a stark reminder of the dark side of the cyber world. Data collection without consent and the recent history of high-profile data breaches have increased caution amongst consumers and individuals about their personal data.
Here are some major incidents of a data breaches that made a huge impact in the privacy world.
Data Breach
Data is a key focus for Business, Risk, Privacy, IT, and Security teams with each team holding critical pieces of the organization’s overall strategy around Data.
So why is establishing a cohesive strategy around data such a big challenge for organizations? What are the key factors that obstruct cross-functional collaboration? Read More
How do different stakeholders in your organization view data?
The CJEU's Schrems II decision given in mid-2020 has brought about a dramatic shift in the way data is transferred outside of the EU. To restrict the increasing amount of cross-border data flows, governments are introducing laws and regulations for companies to follow the approach of data localization. Read more about cross-border data transfers here.
6 Steps to Managing Cross-Border Data
Though the protection of data is a high priority for companies, CIOs, and Information Governance (IG) professionals, there are a few myths and misconceptions that impede effective IG and privacy efforts.
Let us debunk some of these myths and discuss best practices for a robust IG program. Read more here.
7 Myths in Information Governance (IG) and Privacy Execution
The environmental, social, and governance (ESG) ranking of a company evaluates its impact on people and the planet. A recent PwC survey found that the cybersecurity and privacy component of a company’s ESG index makes up about 10% of its overall score. This emphasizes the significance of privacy and security programs within an organization. Read more here.
Integrating Privacy into ESG
In Information Governance, companies use key performance indicators (KPIs) to monitor the effectiveness of IG programs. The KPIs help understands if the program is performing in line with stakeholder expectations on agreed-upon objectives and directions.
Determining what KPIs should be used to measure the program is a crucial first step. The right metrics can help you articulate the purpose, performance, and significance of your program in the best possible manner. Read more here.
Are you using the right metrics to track your IG program:
In Information Governance, companies use key performance indicators (KPIs) to monitor the effectiveness of IG programs. The KPIs help understands if the program is performing in line with stakeholder expectations on agreed-upon objectives and directions.
Determining what KPIs should be used to measure the program is a crucial first step. The right metrics can help you articulate the purpose, performance, and significance of your program in the best possible manner. Read more here.
Are you using the right metrics to track your IG program:
Data anonymization is a technique that removes or encrypts identifiers that relate an individual to the stored data. Anonymization can keep sensitive information private by masking certain attributes of the data while allowing you to derive business value from it. Data anonymization paves the way to ensure your data is utilized but without compromising user privacy. Read more here.
Data Anonymization Techniques:
The European Commission (EC) recently issued its revised standard contractual clauses for data transfers to third countries. These contractual clauses can be the basis for data transfers from controllers or processors in the EU/EEA to controllers or processors outside the EU/EEA (not subject to the GDPR) and will hopefully bring uniformity to such relationships.
Here are some recommendations for service providers to consider when implementing the new SCCs with their EU customers. Read more here.
Tips to Comply with new SCCs
Privacy Enhancing Technologies (PETs) are a broad range of technologies that in conjunction with changes to policies and business frameworks make it possible for companies to be data-driven without compromising the privacy of their customers and employees.
PETs can potentially reshape the data economy and foster relationships of trust between users, corporations, and regulatory agencies. Read more about PETs here.
The growing need for privacy-enhancing technologies (PETs)
What are some of the biggest concerns among consumers when it comes to retail companies?
What can retailers do to improve trust among consumers?
Consumers’ Thoughts on Privacy
EU’s recent regulations and guidelines on cross-border data have galvanized several countries into enforcing similar laws, the violation of which can negatively impact one's business.
Following the Schrems II judgment, the European Data Protection Board (EDPB) issued the much-anticipated guidance for complying with the requirements of the GDPR for the transfer of personal data from the EU to other countries.
Here is EDPB’s Guidance on Cross-Border Data Transfers.
EDPB’s guidance on cross-border data transfers
A comprehensive data map can provide all the information required for you to keep track of your data. A robust data map can enable your efforts for privacy, security, business continuity, and data analytics while helping you comply with the defensible deletion and cross-border data practices. Read More
One DataMap: Many Uses
The CJEU's Schrems II decision given in mid-2020 has brought about a dramatic shift in the way data is transferred outside of the EU. To restrict the increasing amount of cross-border data flows, governments are introducing laws and regulations for companies to follow the approach of data localization. Read more about cross-border data transfers here.
6 Steps to Managing Cross-Border Data
Even with careful planning and preparation, information governance (IG) programs fail to deliver the desired results. Despite investing time and resources, things may go haywire unexpectedly.
Here are the 5 major reasons behind the failure of an IG program.