Privacy and ethics
The data strategy can influence the use of data for new applications. It is therefore necessary to check whether the current rules for ethics are respected and whether they still provide sufficient ethical protection for customers, employees and the relationship maintained with them.
Traceability of persons on the basis of technically combinable characteristics is, for example, a violation of ethical rules and certainly of privacy. Anonymization of personal data alone is therefore not always sufficient.
Risk and compliance
It is becoming clear that the more and smarter use of data can also create risks for privacy, and also for business-critical information. We already mentioned this at the beginning of this training in “opportunities and threats” of data-driven working.
A lot of money is made in an illegal circuit where people focus on obtaining personal and business-critical information. Employees can be sensitive to approach by persons from the illegal circuit and it is a good idea to test employees for such announcements and to consider why employees would be sensitive to them.
Liability as an organization can increase due to new services and the use of external data sources for this.
The protection of these and other risk factors and the prevention of misuse must therefore be included in our risk analysis and mitigation. Of course, the same checks and adjustments apply to compliance with laws, rules and regulations. Are the current policies still sufficiently up-to-date and relevant or are adjustments required?