Privacy, in the broadest sense, is the right of individuals, groups, or organizations to\u00a0control<\/i>\u00a0who can access, observe, or use something they own, such as their bodies, property, ideas, data, or information.<\/p>\n
Control is established through physical, social, or informational boundaries that help prevent unwanted access, observation, or use. For example:<\/p>\n
The exponential growth of a global information economy, driven by new technologies and disruptive business models, means that an ever-increasing amount of personal data is being collected, used, exchanged, analyzed, retained, and sometimes used for commercial purposes. It also means there is an ever-increasing number of accidental or intentional data breaches, incorrect or lost data records, and data misuse incidents.<\/p>\n
As a result, the demand for data privacy \u2014 the right to control how personal information is collected, with whom it is shared, and how it is used, retained, or deleted \u2014 has grown, as has the demand for\u00a0data security.<\/p>\n
Balancing the individual\u2019s right to data privacy and an organization\u2019s desire to use personal data for its own purposes is challenging, but not impossible. It requires developing a data privacy framework.<\/p>\n
This is part of an extensive series of guides about hybrid cloud<\/a>.<\/p>\n Although there isn\u2019t a \u201cone-size-fits-all template\u201d for a framework, there are several universal processes that can help you develop one relevant to your business:<\/p>\n Discovering and classifying personal data<\/b>\u00a0\u2014 Determining what types of data is collected (e.g., medical, financial, or personally identifying data such as Social Security numbers), where and how the data is collected, where data is stored, who has access to the data and where are they physically located, data flows within and across a business unit, and data transfers within and between countries.<\/p>\n Conducting a Privacy Impact Assessment (PIA)<\/b>\u00a0\u2014 Determining how and where data is stored, backed up, and disposed, what data security measures are currently implemented, and where systems may be vulnerable to a data privacy breach. Examples of data security measures include the following:<\/p>\n Understanding marketing issues<\/b>\u00a0\u2014 Determining cross-border marketing issues (e.g., whether products or services are directly marketed to residents of other countries, the language used on a website, or a deployment of mobile applications), and third-party marketing issues (e.g., sharing of information for marketing purposes).<\/p>\n Analyzing compliance requirements<\/b>\u00a0\u2014 Determining applicable compliance requirements, based on the results gathered in understanding the personal data and conducting a PIA.<\/p>\n Developing privacy policies and internal controls<\/b>\u00a0\u2014 Creating external privacy statements (e.g., website, mobile app, and offline privacy policies); internal and external privacy policies and procedures related to data governance<\/a>, data privacy and security breaches; and data privacy training.<\/p>\n Learn how Imperva data\u00a0security\u00a0<\/a>and data\u00a0masking\u00a0<\/a>solutions\u00a0can help you develop your Data Privacy Framework.<\/p>\n Together with our content partners, we have authored in-depth guides on several other topics that can also be useful as you explore the world of hybrid cloud<\/a>.<\/p>\n Authored by Faddom<\/p>\n Authored by Atlantic<\/p>\nDeveloping a Data Privacy Framework<\/h2>\n
\n
\n
See Additional Guides on Key Hybrid Cloud Topics<\/h2>\n
Nutanix<\/a><\/h2>\n
\n
Bare Metal Server<\/a><\/h2>\n