CIOReview
CIOREVIEW >> Compliance >>

How Recent Technology Developments And Transformations In The Compliance Space

Margarita Rivera-Santiago, CISSP, CISM, CRISC, CISA - Director of Information Security Risk & Compliance, LMC-A Lennar Company
Margarita Rivera-Santiago, CISSP, CISM, CRISC, CISA - Director of Information Security Risk & Compliance, LMC-A Lennar Company

Margarita Rivera-Santiago, CISSP, CISM, CRISC, CISA - Director of Information Security Risk & Compliance, LMC-A Lennar Company

Compliance as a business driver?" - said no one ever…. until now.

Compliance has always been viewed as more of a burden than a competitive advantage. However, as technology has continued to evolve, new innovative ways to utilize data have brought about the need for an increased focus on the protection of that data. Amidst an ever-evolving technological landscape, the law has always lagged in protecting the data that resides within those technologies. Despite this, there is significant business value when approaching technology compliance proactively, rather than reactively, within the organization. The EU’s General Data Protection Regulation (GDPR) that became effective in 2018 and the California Consumer Privacy Act (CCPA) that becomes effective January 2020 has completely changed the way technology, security, and privacy is viewed within the business. It is no longer simply the burden of having to comply to some regulation but rather the opportunity to accept the responsibility of protecting the data and to be strategic in doing so.

 The ability to proactively incorporate protections and controls into the technology saves money by avoiding the need to retrofit solutions and minimizes the risk of being fined or incurring costs due to a data breach 

The evolution of technology and compliance over the last 15 years has been nothing short of amazing. Smart technology, artificial intelligence, robotics, and the ever-evolving business model of leveraging data to target consumer preferences pose both challenges and opportunities when it comes to technology and specifically, data protection. The reality is that it is no longer just about personal identifiable information. Whereas it was sufficient just to protect social security numbers, names, and addresses, now any personal data that directly or indirectly identifies the data subject must be protected.

The change in the data requiring protection has brought about a convergence between Information Technology, Security, Privacy, and the Business in order to better manage compliance requirements. As a result, these groups are now also collectively seeking opportunities for added business value. Like never before, these groups are having to speak the same language and work together to find solutions to manage risk. In doing so, these groups are able to generate solutions that positively affect the business.

Additionally, more and more businesses are paying attention to their relationships with their 3rd party vendors. A 2018 study conducted by Opus and the Ponemon Institute showed that 61% of US companies experienced a data breach due to a 3rd party relationship. Although 3rd party solutions are providing services, such as a Software as a Service, that are easy and inexpensive for the business to consume, the risk of the 3rd party not having appropriate security controls in place to protect the data that it hosts poses a significant concern and liability for the business. Business collaboration is key in ensuring the correct oversight and due diligence are performed.

Regardless of your view of the technology and/or compliance evolution, the massive impact on businesses everywhere and the increased impacts for years to come are undeniable. There is inherent savings in managing compliance proactively rather than reactively. The ability to proactively incorporate protections and controls into the technology saves money by avoiding the need to retrofit solutions and minimizes the risk of being fined or incurring costs due to a data breach. Those organizations that can be more strategic and forward-thinking will not only save significant time and money but will also find innovative ways to leverage technology and data to affect the bottom line positively. Strategic compliance can provide business value, but collaboration is key.

See Also:

Top Compliance Technology Solution Companies

Top Compliance Technology Consulting/Services Companies

Read Also

ITSM: The Digital Customer Experience

ITSM: The Digital Customer Experience

Christian Moore, SVP, IT Service Mgmt., Texas Capital Bank
Managing Knowledge and Managing Processes

Managing Knowledge and Managing Processes

Matthew Morgan, COO, Savills Inc. (North American business unit of Savills plc)
Can your Investment Manager be both fundamentally and artificially intelligent?

Can your Investment Manager be both fundamentally and artificially...

Patrick Dugnolle, U.S. Head of Multi-Asset and Quantitative Solutions, BNP Paribas Asset Management
The coming Enterprise 5G Boom three trends that will drive Enterprise Demand for 5G in 2020

The coming Enterprise 5G Boom three trends that will drive Enterprise...

Imran Akbar, VP & GM, Small Cells & Wireless Enterprise, Samsung Electronics America
Survival of the fittest in the age of Innovation

Survival of the fittest in the age of Innovation

Bob Karschnia, VP & GM of Wireless, Emerson Automation Solutions [NYSE: EMR]
The Era of Frictionless Mobility

The Era of Frictionless Mobility

Dr. Derek Peterson, Chief Technology Officer, Boingo Wireless [NASDAQ: WIFI]