Improperly handled Personally Identifiable Information (PII) and sensitive information is one of the greatest business threats enterprises currently face. Whether it’s hefty penalties or lasting brand damage, businesses that don’t take steps to address PII risk facing devastating tolls.
Why is PII So Hard to Protect?
Personally identifiable information exists in obvious places, such as customer profiles, research files, financial documents, and so on. But sensitive information also lurks in locations one wouldn’t expect or think to check: buried within email threads and hidden within rarely accessed legacy files. Given that PII is pervasive and exists in both obvious and hidden locations, protecting it is a problem even the most diligent enterprises are pressed to holistically and thoroughly address.
The Shifting Regulatory Landscape
The increasingly strict regulatory landscape is an important driving factor towards this imperative: In the EU, data protection authorities can impose penalties for non-compliance that amount to up to four percent of a company’s annual revenues. Other jurisdictions are following suit with new regulations of their own, and fines are just the beginning.
4 Helpful PII Compliance Resources
Wherever your business is on the spectrum of PII and sensitive data protection, it’s crucial to understand how the regulatory landscape continues to shift—and what enterprises can do to more efficiently and effectively reduce their risk and protect sensitive data. Here are four key resources on these topics.
1. Lessons from the World’s Largest Data Breaches
In 2019, “the mother of all data breaches” exposed a whopping 772,904,991 unique email addresses and 21,222,975 unique passwords. What important lessons can enterprises learn about PII compliance and protection from this breach and others like it? Read the blog to reduce the risk of being a jaw-dropping statistic.
2. Achieving Regulatory Compliance Through PII Discovery
Personally identifiable information is undoubtedly risky for businesses—but it’s not an insurmountable threat. We’ve broken down some of the key risks associated with a failure to contain sensitive PII, and then outlined the key steps businesses can take to reduce their PII footprints. It’s not as complicated as you might expect, either: Read the blog to learn how to achieve PII compliance in just four steps.
3. Critical Considerations for CCPA Compliance
Move over, GDPR. There are new privacy regulations businesses need to be aware of. Starting January 1, 2020, certain entities that do business in California or with customers based in the state will be subject to new PII regulations. These regulations differ from GDPR, and even businesses that are already compliant with European rules may need to take additional steps. Do the new rules apply to your business? What do you need to do to prepare? We’ve compiled everything you need to know into one helpful article.
4. Identifying & Protecting Overlooked Sources of PII
The problem with PII is that it’s so insidious. In addition to existing in obvious places, sensitive information has a way of proliferating in other often overlooked sources, where it can be difficult to identify and remediate without the right strategy and tools. In other words, many businesses are sitting on unaddressed landmines of Personally Identifiable Information. In this post, you’ll learn why PII is so pervasive and how to deal with commonly overlooked PII risks.
The implications of uncontained PII make for risks no business can afford to ignore. Even if you’ve taken steps to protect sensitive customer information and stay within the rules, there’s a good chance your organization is still sitting on some overlooked sources of PII. Whether you already have a strategy in place or you’re struggling to understand what the changing rules mean for your business, knowledge is an important first step to reducing your exposure.
1IBM, How much would a data breach cost your business?
2Adlib Software, How Important is Customer Onboarding for Banking and Insurance Customers? (SurveyMonkey: 2019)