Skip to main content
close search
site logo
Dive Brief

Data compliance lagging issue for US businesses, yet 42% vulnerable to fines

Published July 16, 2019
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Elizabeth Regan for CIO Dive

Dive Brief:

  • Data privacy regulators have fined more than 10% of companies for data-related issues, according to a Dun & Bradstreet report of 510 U.S. and U.K. business decision makers. 
  • Almost one-third of U.S. businesses are unconcerned about data compliance, yet 42% of respondents believe if regulators examined their data practices, they would be fined, according to the report. 
  • About 41% of organizations lack a head of data management, according to the report. Over the last decade, IT departments are responsible for data, as opposed to overall business for 42% of U.S. business leaders. 

Dive Insight:

Data gives companies insights into customers' preferences and their market trajectory. But reckless data collection comes with steep implications. 

More than half of companies, 56%, say they have not "realized the full potential of data," according to the report. However, the ones that have may not be properly managing it, which has led to regulatory fines or loss of customers.

Data under insufficient management practices can become "siloed, inaccessible and out of date very quickly," according to the report. One of the pillars of the General Data Protection Regulation (GDPR) is knowing where consumer data is at all times, whether stored on-prem or through a third party. Forgotten data can lead to penalties

U.S. companies' resistance to compliance concerns correlates with the federal government's slow crawl to passing a comprehensive data privacy law. 

The California Consumer Protection Act (CCPA) is the closest U.S. law to GDPR, but by some standards, it cannot be regarded as a comprehensive data privacy law, according to Chris Calabrese, VP of Center for Democracy and Technology, speaking at a CompTIA event in Washington, D.C. Monday.

While the CCPA addresses the same consumer rights as GDPR — right to access, delete, opt out, etc. — it doesn't speak to what companies can collect. The goal of the CCPA is to put more control in the hands of consumers, to make them feel more comfortable, said Calabrese. 

A comprehensive data privacy law, however, is about achieving better outcomes "regardless of whether or not consumers decide to use those controls or not," said Calabrese.

Factoring in consumer rights into data management has become just as important as driving business insights. A company can no longer lawfully harvest insights on data without policy protecting it.

Recommended Reading

Filed Under: Security, Big Data

Editors' picks

Company Announcements

View all | Post a press release
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell