Navigating the complexities of data privacy

We sat down with Grayce’s Data+ Product Manager, Paul Dettman, to gain an insight into the world of data privacy.

From your role, would you say clients are still behind when it comes to understanding data privacy? 

Paul: I think that some clients are in a better position than others. Larger organisations like global corporations are more prepared and often have specialist teams to rely on. Even smaller organisations, if they are heavily regulated industries such as Financial Services or Scientific Research, are also well prepared. But most likely everyone else thinks they could do more to educate their colleagues and prepare their systems to improve data privacy. 

What can businesses do to be more transparent about how they handle user data? 

Paul: Transparency should go beyond lengthy, legalistic terms and conditions that often appear on websites and in apps that we download. Sometimes the conditions are made lengthy to discourage anyone from reading them.  

Businesses should simplify and shorten their communications with customers to a bare minimum, and at the point of relevance. 

How important is safeguarding personal data from a business point of view? 

Paul: Safeguarding personal data is fundamental to building trust with customers. The recent legislation changes around GDPR were eye-catching and helped to move privacy up the policy radar, but any ethical company will always strive to take care of their customer data and put the customer first. The regulations mainly just formalise best practice and common sense. 

Are you worried that more protection of personal data may hinder in businesses in their decision-making processes? 

Paul: No, good protection of personal data is an important part of good decision-making, it’s not an option or an add-on. Having customers who trust what companies are doing is not an obstacle but a benefit. The conversation on privacy and protection is gradually changing towards a more positive tone. 

Do you feel more can be done to enhance data privacy? 

Paul: Always, yes. But companies are in a better position than ever before to understand how to maintain privacy and share the minimum information required for a given business purpose. 

Beyond cyber security, why is data protection important? 

Paul: Data Protection is all about careful handling of people’s personal information, so it is an important underpinning of trust, especially in the public sector. People’s health and tax information is sensitive, and they will not engage with public services, or private companies, if they cannot trust them to handle the information with respect. 

How crucial is data literacy training/skills development to a business’ data governance? 

Paul: Data Literacy is essential for everyone in an organisation, beyond the traditional IT and Data teams. If everyone has at least a baseline understanding of the risks around data, the data governance strategy will be more effective and feel like part of normal operations rather than an additional headache on top of a raft of competing issues. 

Is developing data protection skills and understanding around data privacy a core component of Grayce’s programmes? 

Paul: Data Protection and Data Privacy, including GDPR, are built into all of Grayce’s Development Programmes because we recognise how important these are in all workplaces, not just for those entering roles in Data or Technology. For those who are Data or Tech specialists, we include additional modules in our Bootcamps covering areas such as data governance. 

What does data privacy week mean to you? 

Paul: Data Privacy Week is an opportunity to reflect on what data we share as private individuals. In our work lives it gives us another reminder of how important it is to look after our customers’ interests. It also revives the public debate around these topics and how to strike the right balance.