Data Trust

Strengthening organizations’ data governance, discovery and protection

Increasingly stringent regulations around the world (like the European Union’s General Data Protection Regulation, Bill 64 and the expected reintroduction of Canada’s Consumer Privacy Protection Act) and shifting market expectations are making it harder to unlock value out of data. And some organizations are losing touch with how their customers truly feel about data protection. Nowhere is this clearer than when we look at the value of data. But we’re seeing a trust divide when it comes to the use of data: 74% of Canadians believe they have less protection of their personal information than they did ten years ago.

71% of Canadians would be more likely to do business with a company if it were subject to strict financial penalties for the misuse of individuals’ personal information

Using data to unlock the full value of data responsibly, while also focusing on its secure and ethical use, must be a priority. The answer to this challenge is a good foundation in what we call data trust: making sure you’re using data responsibly, securely, accurately and ethically so you can rely on it for business decisions.

With advances in technology, data processing and storage, trust has become something companies must provide to their clients and employees.

According to our 2022 Canadian Digital Trust Insights, nearly one in five Canadian respondents (one in four globally) say they have no formal data trust processes in place at all. And only 36% have mapped all their data (35% globally), meaning they know where it comes from and where it goes. Even fewer—29%—have mature data minimization processes (35% globally).

Once you’ve crafted your data strategy, governance—the policies, procedures and processes for fulfilling the strategy—should follow immediately.

Effective data governance is important not only for operational resilience, but also for addressing requirements under  Bill 64 in Quebec and the expected reintroduction of the federal Consumer Privacy Protection Act (Bill C-11). Both bills include significant regulatory changes in the way companies operating in Canada must protect personal information and are backed by substantial fines for non-compliance. When someone asks for information about their data—what you’re keeping and what you’re doing with it—you need to be able to answer quickly and accurately.

Creating and fulfilling this strategy will take a new approach: a team with cross-functional expertise in finance, lines of business, data science, ethical data use, security and privacy. And they must do it all while being innovative, finding new opportunities, delivering value and staying competitive.

Challenges in organizational data trust

Advancements in data storage and analytics have allowed organizations to scale their data footprint and get value from their data, but there are some challenges that limit organizations from achieving those goals:

  • exponential data growth, ethical use and proliferation
  • adapting to changing regulatory and market expectations on privacy, and lack of internal controls to manage the risk (e.g. no visibility into what data is in which systems)
  • reliance on third-party supply chains and ecosystems

How we can help

Organizations should view data trust as an ecosystem that allows them to create, use, share and retire data securely and transparently.

To do so, there are four key areas to consider:

Data governance

Make it formal. Establish and execute a sound data governance program to make sure you meet compliance requirements and unlock data’s value for your business. Centralized data governance can help you know what data you have, where it resides, how it’s changed and how to protect it.

Data discovery

Identify it. Companies need to secure data at rest, in use and in motion, and discover sensitive data to enforce data protection controls. Using digital risk management platforms and digital command and control centres will enable organizations to identify their data and make sure they’re using it to optimize their systems.

Data protection

Make it safe. Implement a number of solutions focused on keeping data secure, gaining visibility over data and maintaining the quality of data.

Data minimization

Optimize it. Build a data supply chain pipeline to get value from your data and drive insights. The current state of most companies is data-rich but information-poor and inadequately protected.

Learn about the steps you can take to start your data trust journey. We know this journey takes time and focus, and we’re here to help you solve these complex problems for your organization.

Check out our Privacy & Canadian Business Hub for information on emerging privacy issues, insights on regulatory developments, practical advice to enhance your privacy program strategy and much more.

Read more

Follow PwC Canada

Contact us

​Jordan  Prokopy

​Jordan Prokopy

National Privacy Practice Leader, PwC Canada

Tel: +1 416 869 2384

Richard Wilson

Richard Wilson

Partner, Cybersecurity & Privacy, PwC Canada

Tel: +1 416 941 8374