Organizations are not doing enough to protect data privacy

In today’s data-driven society, privacy, security and trust are more vital and intertwined than ever before. But many organisations are not doing all they can to protect data privacy, according to PwC’s 2018 Global State of Information Security Survey (GSISS). The survey draws on responses of 9,500 senior business and technology executives from 122 countries.

49% of respondents say their organisation limits collection, retention, and access of personal information to the minimum necessary to accomplish the legitimate purpose for which it is collected. Only 51% of respondents have an accurate inventory of where personal data for employees and customers are collected, transmitted, and stored. And only 53% require employees to complete training on privacy policy and practices.

When it comes to third parties who handle personal data of customers and employees, less than half (46%) conduct compliance audits to ensure they have the capacity to protect such information. And a similar number (46%) say their organisation requires third parties to comply with their privacy policies.

Read more about the disconcerting findings of PwC’s 2018 Global State of Information Security Survey on Help Net Security.

Track the strategic threats to your business with the Threat Brief, delivered to your email daily.

Subscribe Here