19 Jul Data Privacy Is Not the Same as Security According to NetApp
California, USA – NetApp privacy chief Sheila Fitzpatrick said on Monday that technology organizations should only gather the necessary amount of data to carry on transactions with customers. She emphasized that collecting minimal data can lessen repercussions in the event of a breach.
Fitzpatrick is concerned with companies that seem to equate data privacy with security, when these are two different aspects. She adds that having a security solution in place is not enough to completely address privacy problems.
During a breach, companies are always required to justify why they gather certain information. For instance, if an organization encrypts data illegally without getting customer consent, security measures cannot resolve this issue once the government questions their motives.
Fitzpatrick asserts the significance of implementing privacy compliance apart from security measures, especially with the approaching General Data Protection Regulation (GDPR) in Europe that requires companies to obtain data storage consent from customers.
Source: ZD Net