Data breaches cause tremendous problems, not only for the company affected, but also for its clients. Depending on the company, stolen data can range from relatively benign information to extremely personal details. But in any case, a breach can cost a lot of money for remediation and cause significant damage to a company’s image.
Despite the frequency of data breaches and their accompanying publicity, not many people actually understand the key concepts concerned with data storage, such as the difference between data privacy and data protection. Below, eight members of Forbes Technology Council explain the distinction between data privacy and data protection, as well as the importance of having the needed systems to protect digital assets.
1. Having One Doesn’t Ensure The Other
Data protection is focused on protecting assets from unauthorized use, while data privacy defines who has authorized access. One can say that data protection is mostly a technical control, while data privacy is more of a process or legal matter. One doesn’t ensure the other, and we need both to work together as a proper control mechanism. – Sameer Shelke, aujas.com
2. One Addresses Regulations, The Other Mechanisms
I like to think of data privacy as the regulations, or policies, that governs the use of my data when shared with any entity. On the other hand, data protection is the mechanism — that is, the tools and procedures — to enforce the policy and regulation, including the prevention of unauthorized access or misuse of the data that I agreed to share. – Mohamad Zahreddine, TrialAssure
3. The User Controls Privacy; Companies Ensure Protection
The important distinction people should know about data privacy and data protection is who controls which part. Data privacy controls are mostly given to users. Users can usually control which data is shared with whom. Data protection is mostly a company’s responsibility. Companies basically need to make sure that the level of privacy their users have set is implemented and data is protected. – Vikram Joshi, pulsdForbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.
4. Safety From Sales Vs. Safety From Hacks
Data privacy is about keeping your information from being sold or shared, while data protection focuses on keeping that information from hackers. It’s important to explain this difference to people and have a policy as to what your company does for each type of data intrusion. – Chalmers Brown, Due
5. Ensuring Your Data Is Only Accessed As Intended
The distinction between privacy and protection boils down to who we intend to share your data with versus how we plan to protect your data from everyone else. At the data access level, they mean the same thing. But in reality, protecting data from unauthorized access requires going beyond a simple ACL scheme and defending against all the vulnerabilities of the underlying systems. – Chris Kirby, Retired
6. You Can’t Have Privacy Without…