What Is Data Compliance and Why Should it Be On Your Radar?

Privacy and Data Compliance is quickly becoming a bigger business issue with companies in the United States, making it a much larger concern for outsourcing providers around the globe. In addition, the way privacy and data protection are viewed is shifting from a compliance issue to a board-level business issue. Consequently, successful companies are seeing data compliance as a value proposition that directly impacts the bottom line.

We spoke with Todd B. Ruback, an Attorney with DiFrancesco, Bateman, Coley, Yospin, Kunzman, Davis & Lehrer, P.C. whose practice concentrates on privacy/data compliance and technology law, to address this topic.

Data Protection Best Practices

It almost goes without saying that privacy and data compliance apply to personal information such as customer names, addresses, and phone numbers. To assist with this, laws have been established to address the need to protect this data, both at a broad level in Europe and at a state level in the United States.

But the need for data compliance isn’t limited to just these types of information. It also includes non-personal data such as trade secrets, confidential corporate information, intellectual property, and anything protected under a contract.

As the protection of all types of data becomes an increasingly vital concern for companies, it also becomes a point of interest for outsourced vendors. Outsourced vendors need to be aware of the privacy protection laws regarding the data they are receiving, and they need to be sure that they are utilizing privacy protection best practices.

According to privacy attorney Todd Ruback, privacy protection is shifting from an issue of compliance to a board-level business issue for several of the previously mentioned reasons. After all, data protection used to be governed by privacy laws specific to an industry. These laws would mandate a specific checklist of processes that a company would need to successfully have in place in order to comply. For example, there is the Gramm-Leach-Bliley Act created to govern the financial services industry, and the modification of the Health care HIPPA laws to include technology.

Recently, successful companies have begun to shift their thinking and see data protection as a value proposition rather than a compliance issue. Ruback notes that since the occurrence of this shift, it is now possible to see a direct link between privacy best practices and the bottom line. Not surprisingly, this shift also affects outsourcing providers. Recent studies show that as much as 30-40% of data leakage issues occur at the vendor level. This data leakage represents a significant risk to companies, a risk that includes damage control costs, possible fines, and litigation expenses that can impact the bottom line.

We’re one step ahead

With the increase of data compliance and privacy concerns toward this data, it becomes increasingly important to educate outsourcing vendors on best practices in privacy protection. Furthermore, as businesses turn their attention toward these concerns, outsourcing vendors must be aware of and actively employ privacy protection best practices. Our partners in the software industry understand that privacy and security concerns are at the top of your priority list. Contact our team of trusted advisors to find your perfect fit expert in the industry who knows the data compliance best practices that will serve you best.

Andy Hilliard

As CEO, Andy leads and advocates for the globalization and collaboration of great software teams with companies in search of talent, innovation and a globally-distributed extension of their engineering function and culture. Andy founded the ground-breaking nearshore software development services company, Isthmus Costa Rica. He began his global software services career as a division manager at Cognizant during their early formative years.