Virtualization Technology News and Information
Ground Labs 2021 Predictions: Three Data Predictions - Collecting Less but Worrying More

vmblog 2021 prediction series 

Industry executives and experts share their predictions for 2021.  Read them in this 13th annual series exclusive.

Three Data Predictions for 2021: Collecting Less but Worrying More

By Stephen Cavey, co-founder and chief evangelist, Ground Labs

As data management leaders and compliance officers reminisce on this past year, it may be regarded as disorienting for data security and compliance. Without warning, the pandemic disturbed business practices, changing how we work, communicate and live our daily lives. As a result of these changes, meeting regulatory compliance was often deprioritized while the risks associated with organizational data simultaneously increased. However, as we wrap up 2020 and enter 2021, organizations will have to reckon with their data management decisions and get back to compliance-as-usual. With new and updated data privacy regulations on the horizon for the coming year, here are three data management and compliance predictions to keep in mind for the year ahead.

2021 will be a year of catch-up for compliance with regulatory requirements

Compliance was already struggling to receive the attention it deserved prior to the outbreak of COVID-19, and since then, organizations have seen budgets slashed, forcing tough decisions and a brutal prioritization approach towards IT and security tasks. As a result of this, many organizations will be looking to get back to a pre-pandemic state on their compliance initiatives, and start to better understand requirements for newer regulations like the GDPR and CCPA as they continue to evolve.

Additionally, we may see a re-focus on the enforcement of compliance regulations, after a relatively quiet 2020. While there has been some enforcement in 2020 there has not been as much as there could have been had there not been a pandemic. Assuming businesses are able to get back to some form of normalcy, expect to see regulatory enforcement go after household names who possess large warchests and store mountains of customer data.

Organizations will collect less information on consumers

In the past, organizations have looked to get as much information on consumers as possible, even if they did not have a clear business use for the data. If saved in the wrong location, this data poses a potential threat despite having no real use. In 2021, we will see businesses become more aware of the volume and types of data being collected, handled and transmitted, and ultimately look to limit it to data which has a justifiable business need. COVID-19 has increased the risk for organizations and as budgets shrink, regulatory compliance declines, and employees continue to work remotely, organizations must look to mitigate risk wherever they can.

California will continue to set the data security and compliance benchmark with the CPRA

While organizations and the overall compliance environment would benefit greatly from a federal data security and privacy mandate, we do not expect to see it happen in 2021. Instead, California will continue to set the compliance benchmark with the California Privacy Right Act (CPRA), which Californian voters approved in November. With multiple states and regions looking to California as an example for their own compliance regulation, there is a valuable lesson to be learned about creating a comprehensive piece of legislation that lasts for years.

If we do see individual states or other regions introduce their own regulations, compliance will only become more complicated and fuel a decline in regulatory adherence coinciding with an increase in "prioritised compliance" driven by liability potential and number of customers within a given state. The individual nuances of multiple regulations are destined to create headaches for organizations that are already stretched thin as they look to rebound from the effects of COVID-19 and adjust to new business practices. However, we are hopeful that some common sense will prevail between states in ensuring their individual security standards do not deviate too far from California's CPRA.

Unquestionably, 2021 will be a busy year for compliance and security officers as they adjust and manage their data privacy standards. They will need to continue to navigate existing regulations but simultaneously aspire to meet new intricate data rules. A tall order, but critical as we continue to address compliance in the new year to safeguard customers, employees and organizational success.


About the Author           

Stephen Cavey 

Stephen is the co-founder of Ground Labs, leading a global team empowering its customers to discover, identify and secure sensitive data across their organizations. As the Chief Evangelist, he leads its worldwide product development, sales and marketing and business operations and was instrumental in extending Ground Labs' presence with enterprise customers. Stephen has deep security domain expertise with a focus on electronic payments and data security compliance.
Published Friday, November 20, 2020 7:28 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2020>