In today’s global digital economy, protecting data privacy is a must. With customers all over the world, every company must be able to demonstrate how they are protecting data privacy to earn the trust of their customers, users, partners and employees.
It starts with these three things.
- Be transparent and accountable.
Let customers and partners know your commitment. For example, Cisco is committed to helping our customers and partners by protecting and respecting personal data, no matter where it comes from or where it flows. We have established long-standing security, data protection and privacy programs and are committed to comply with regulations, customers’ needs and our own corporate code of conduct.
- Invest in a comprehensive data protection program.
Make sure your data protection program covers data throughout its lifecycle. It begins with security and privacy by design and includes privacy engineering methodology and privacy-enhancing technologies (PETs); managing collection, use, processing and storage; addressing operational needs such as reporting and oversight; and secure disposition or destruction at end of life.
- Be vigilant about global regulatory requirements.
Addressing personal data handling requirements across different jurisdictions around the world requires a mature data privacy practice that aligns with industry best practices, customer demands and regulatory requirements. Being a global data citizen includes awareness and structured flexibility across cultural divides.
With enforcement of the European Union’s General Data Protection Regulation (GDPR) just around the corner (May 25), Cisco has been getting ready for GDPR across its global enterprise. Additionally, to secure a safe and legal transfer of personal data across multiple jurisdictions, Cisco was an early adopter and among the first to achieve Asia Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules system certification. We are also certified under both the European Union (EU) and Swiss-U.S. Privacy Shield and recently received accreditation under the EU’s Binding Corporate Rules with policies aligned to GDPR.
With an eye to these three things and a collaborative, risk-based approach to data privacy, companies can focus and respond effectively in an ever more complex and dynamic world.
About the Author
Michelle Finneran Dennedy is vice president and chief privacy officer at Cisco, where she works to raise awareness and create tools that promote privacy, quality, respect, trust and asset-level possibilities for data. She is a unique visionary in the field of privacy and the IT industry, bringing together multifaceted approaches that provide sincere privacy protections and drive business value.
Dennedy is a highly sought-after public speaker who sits on the boards of the International Association of Privacy Professionals (IAPP) and the National Multiple Sclerosis Society of Northern California. She has been honored with many industry awards, including California’s Most Powerful and Influential Women, by the National Diversity Council; the IAPP Vanguard Award; Woman of Influence for Security and Privacy, from the Executive Women’s Forum (EWF) and CSO Magazine; and most recently Woman of the Year in Technology and Transformation, by the Stevie American Business Awards. Dennedy has a Doctorate of Law degree from Fordham University and a Bachelor of Science degree in clinical, counseling and applied psychology and economics from The Ohio State University.