Data Privacy Regulations: Bad for Business?
An international survey, commissioned by Intralinks and conducted by Ovum, explores the data sovereignty concerns around a cloud-based business environment.
8 December 2015
In today’s digital world, there are no longer any physical boundaries when it comes to sharing information, and national governments are catching up with this change by enacting new data privacy laws to protect personally identifiable data. As a result, organizations are being required to react to these changes and ensure that their cloud partners, practices and processes are compliant with these new regulations.
Data Privacy Laws: Cutting the Red Tape
An international survey and report, commissioned by Intralinks and conducted by global analyst firm Ovum, explores the data sovereignty concerns around today’s increasingly cloud-based business environment. In Q3 2015, 366 IT decision-makers around the world — within organizations of different sizes and various industries — were surveyed to see how prepared they were for new and pending data privacy regulations.
Key findings from our survey confirm that the global privacy rights movement poses significant new business and economic risks to organizations.
Here are some of the research highlights:
- Two-thirds of businesses expect a change in their global business strategies in light of new data privacy regulations.
- Over half of businesses think they will be fined due to the pending General Data Protection Regulation (GDPR) in Europe.
- More than 70% of businesses expect budgets to rise to meet new data sovereignty requirements.
- Organizations are not using technology effectively to address data privacy concerns
- The U.S. is the least trusted country in our survey for respecting privacy rights, lagging behind China and Russia.
- Over the next three years, 78% of businesses plan to use cloud and SaaS-based applications for storing and sharing sensitive and regulated data.
The impact of data sovereignty regulation is only just beginning and will become an ever-growing concern for organizations operating internationally as upcoming laws emerge. Enterprises need to plan and adapt their business processes to meet new privacy obligations in different countries and jurisdictions.
Technology solutions that cover the whole content lifecycle — data at rest, in motion, and in use — such as Customer Managed Encryption Keys (CMK) and Information Rights Management (IRM), can help businesses meet compliance requirements. Organizations need to prepare now and start adjusting cloud strategies appropriately to meet imminent regulatory demands.
Has your organization started to adapt its business processes to meet new data privacy obligations? Share your thoughts on evolving data privacy regulations in the comments below. Click here to get your copy of the Ovum report entitled “Data privacy laws: Cutting the red tape”, and check out our data sovereignty resources for more guidance.
Deema Freij is SVP, Deputy General Counsel and Global Privacy Officer, based in Intralinks’ London office. Deema oversees global data governance within the company and is responsible for further strengthening the company’s worldwide focus on data privacy and the regulatory demands placed on its customers. Deema brings almost two decades of experience in the legal profession. Prior to joining Intralinks in 2011 as Legal Counsel, EMEA & APAC, she spent seven years as a legal consultant.