Firms believe privacy activities are ‘inadequate’

September 27, 2013

Many organisations acknowledge that their privacy activities are inadequate and that they have worsened over the past two years, a survey shows.

More than a third (43 per cent) of organisations polled by Gartner have a comprehensive privacy management program in place, while seven per cent admitted to doing the bare minimum to meet their legal requirements.

Of the organisations that are taking their privacy obligations seriously, increased staffing and budgets emerged as the two most common ways of ensuring that standards are met.

Gartner explained that generating the right staffing model is crucial to the long-term success of privacy programs – they are only as effective as the people driving them.

Carsten Casper, research vice-president at Gartner, highlighted that many companies have not created a specific privacy officer role – namely someone who is solely responsible for this area of the business.

The expert continued: "Organisations continue to invest more in privacy due to ongoing public attention and a number of new or anticipated legal requirements.

"They also show that previous investments have not always paid off and that organisations need to refocus their privacy efforts if they want to raise the maturity level of their privacy programs back to that of 2011."

As privacy plays an integral role in sound vulnerability management, Gartner revealed that the correct storage of data is high up on the list of requirements that companies believe should be included in a privacy program.

Some firms choose not to store personal data where it is at risk of cyber attack, although the central global storage of this information is becoming increasingly common.

For the first time in 2013, more companies stored their data in a central server than in a regional or local data centre, which was the method of choice in previous surveys.


Leave a Reply

Your email address will not be published. Required fields are marked *