The privacy landscape is changing. There is increasing consumer awareness and concern over the use of their personal data and there’s an ever growing list of privacy regulations that companies need to navigate.

Regulations like GDPR, CCPA, and others carry stiff fines for companies that fail to comply with data deletion requests. However, actually being able to delete someone’s information from an existing system is more complicated than you might expect. Large systems have been developed over many years ignoring the potential impact of PII sprawl. As a consequence, user data is everywhere and no one actually knows all the locations it might exist in.

A data privacy vault is an architectural approach to data privacy that helps address data deletion, mapping, and other data privacy challenges. A data privacy vault is an isolated, protected, single source of truth for customer PII.

Lisa Nee, Compliance Officer United States, Data Privacy Legal Expert North America and Legal Advisor Americas for Atos and Robert Duffy Counsel for McDermott Will & Emery with a focus in privacy and cybersecurity have spent their careers working in privacy. They join the show to discuss why 2023 is the year of privacy, the impact that failing to delete data is having on businesses, and how a data privacy vault along with synthetic data are the keys to addressing these problems.

Topics:

• Why is 2023 the year of privacy?
• What laws are out there to require deletion?
• What is data retention and why is it a risk for businesses?
• What is PII sprawl?
• What’s the cost of a violation to delete someone’s data?
• How do you fix this problem?
• How do you comply?
• What is a data vault?
• Where did you first learn about this concept?
• How does a data vault help address the deletion problem?
• What is synthetic data and how does it help with the deletion problem?
• What future looking tools and technologies are you excited about

Resources:

• IEEE Privacy Engineering
• Data Mapping, Extracting Data Utility Before Deleting Data Files