Why privacy compliance is important for business

Publish date:

Mature organizations regard effective privacy management as a strategic enabler that can deliver competitive advantage.

A year after the groundbreaking General Data Protection Regulation (GDPR) came into effect, the corporate world is waking up to its consequences.

In recent news, the Information Commissioner’s Office (ICO) is proposing to fine the international hotel group Marriott $125 million for a massive data breach involving 339 million of its guests.

Under the provisions of the GDPR, the affected entity could respond to the proposed fine before the ICO makes its final decision. Since the breach affected several European Union countries, other data protection authorities could also weigh in with their opinions. I talked about how victims could handle the aftermath of a breach in a previous article.

This follows closely on the ICO’s intention to fine British Airways $230 million for a cyber incident in September 2018. Prior to these big ticket items, over 200,000 cases were investigated, leading to fines totaling €56 million – the largest of these €50 million dished out to Google by French agency CNIL.

It seems clear that the European Data Protection authorities are just warming up.

Cost of data breaches

As of March 2019, it was reported that the breach had cost Marriott $28 million, of which close to $25 million was covered by the company’s insurance policy. Marriott CEO Arne Sorneson said the breach hadn’t impacted revenue or customer loyalty. However, these are early days yet; the hidden costs of the breach will be known in a couple of years – after the fines are paid, revised insurance premiums determined, and class action and lawsuits are settled.

The Ponemon Institute report – 2018 Cost of a Data Breach Study – reveals that the average cost of a data breach is $3.86 million. This includes hidden costs such as lost business, negative impact on reputation, and time and money spent on recovery efforts.

The way forward

There is an increasing global trend towards strengthening privacy regulations and breach notification laws. Consumers are becoming more aware of their privacy rights, with some countries moving towards including data privacy as a fundamental right.

Capgemini research shows that consumers are willing to engage more with organizations that are GDPR compliant, while a more recent study from Cisco reveals that businesses that treated privacy as more than just a compliance initiative benefited from shorter sales cycle times, lower likelihood of data breaches, and reduced system downtime and data losses. The Cisco study also revealed that 42% of respondents believe that investment in privacy enables agility and innovation. This leads to the view that mature organizations regard effective privacy management as a strategic enabler that can deliver competitive advantage.

To find out how our how Capgemini’s GDPR services can help your organization stay on top of your data protection and compliance initiatives, contact Geetha Jayaraman.

Geetha Jayaraman helps organizations leverage their use of technology by managing risks to achieve organizational objectives. She uses her experience to facilitate digital transformation of organizations through the adoption of the right technology solutions. As an expert in cyber security, she has guided many organizations in balancing risk with the adoption of technologies. Prior to her current role in Information Risk Assurance at Capgemini, she worked with several large technology service providers to bridge business objectives with ICT solutions.

Related Posts

Business Services (global)

Successful AI implementation made simple

Priya Ganesh
Date icon January 19, 2022

When implementing AI, you need to walk before you can run. But what does process optimization...


Big conversations for a sustainable future

Date icon January 19, 2022

One leader. One hour. One circle. One global movement – Capgemini’s new global campaign to...

Business Process Outsourcing

A delivery mechanism for the digital twin

Date icon January 19, 2022

Capgemini’s Transformation and Innovation Office leverages the digital twin, to drive...