New data privacy and protection legislations, both globally and within the region, are driving consumer demands around trustworthy and transparent use of personal data. Privacy regulations protect the rights of the individual (the data subject) with respect to fair and lawful collection and use of their personal information by organisations. Non compliance can result in fines and reputational damage.
Data privacy is far more than just the security and protection of personal data. It all boils down to how organisations are using that personal data. Organisations need to process personal data in an ethical and legal manner. That could mean not bombarding customers with unwanted SMS marketing messages but it could also mean simply not sharing personal information with third parties without the customer’s consent. It doesn’t mean that marketing is now forbidden under data privacy laws but it does mean that organisations need to be transparent about what personal data they are capturing and how it’s going to be used. Many organisations recognise the significant risks of cyber attacks and data breaches but fail to understand what else is required to safeguard what is referred to as the “rights and freedoms of individuals”.
Companies that fail to protect personal data and comply with data privacy regulations aren’t just risking financial penalties. They also risk operational inefficiencies, intervention by regulators and most importantly, permanent loss of consumer trust.
1. Appoint a Data Protection Officer
2. Maintain a personal data register
3. Notify purpose and seek consent
4. Respond when individuals ask about their personal data
5. Enforce security mechanisms
6. Embed data privacy into your systems, processes and services
We start by helping put the data protection requirements in the context of the business. We have developed a five step approach to transforming privacy programmes, with tools and accelerators to assist the process.
Imad Abuizz
Partner, Digital and Technology Platform Leader, PwC Middle East
Tel: +966 504263478
Simone Vernacchia
Partner, Cybersecurity and Digital Infrastructure Lead, PwC Middle East
Tel: +971 4 304 3203