
How Recent Technology Developments And Transformations In The Compliance Space


Margarita Rivera-Santiago, CISSP, CISM, CRISC, CISA - Director of Information Security Risk & Compliance, LMC-A Lennar Company
Compliance as a business driver?" - said no one ever…. until now.
Compliance has always been viewed as more of a burden than a competitive advantage. However, as technology has continued to evolve, new innovative ways to utilize data have brought about the need for an increased focus on the protection of that data. Amidst an ever-evolving technological landscape, the law has always lagged in protecting the data that resides within those technologies. Despite this, there is significant business value when approaching technology compliance proactively, rather than reactively, within the organization. The EU’s General Data Protection Regulation (GDPR) that became effective in 2018 and the California Consumer Privacy Act (CCPA) that becomes effective January 2020 has completely changed the way technology, security, and privacy is viewed within the business. It is no longer simply the burden of having to comply to some regulation but rather the opportunity to accept the responsibility of protecting the data and to be strategic in doing so.
The ability to proactively incorporate protections and controls into the technology saves money by avoiding the need to retrofit solutions and minimizes the risk of being fined or incurring costs due to a data breach
The evolution of technology and compliance over the last 15 years has been nothing short of amazing. Smart technology, artificial intelligence, robotics, and the ever-evolving business model of leveraging data to target consumer preferences pose both challenges and opportunities when it comes to technology and specifically, data protection. The reality is that it is no longer just about personal identifiable information. Whereas it was sufficient just to protect social security numbers, names, and addresses, now any personal data that directly or indirectly identifies the data subject must be protected.
The change in the data requiring protection has brought about a convergence between Information Technology, Security, Privacy, and the Business in order to better manage compliance requirements. As a result, these groups are now also collectively seeking opportunities for added business value. Like never before, these groups are having to speak the same language and work together to find solutions to manage risk. In doing so, these groups are able to generate solutions that positively affect the business.
Additionally, more and more businesses are paying attention to their relationships with their 3rd party vendors. A 2018 study conducted by Opus and the Ponemon Institute showed that 61% of US companies experienced a data breach due to a 3rd party relationship. Although 3rd party solutions are providing services, such as a Software as a Service, that are easy and inexpensive for the business to consume, the risk of the 3rd party not having appropriate security controls in place to protect the data that it hosts poses a significant concern and liability for the business. Business collaboration is key in ensuring the correct oversight and due diligence are performed.
Regardless of your view of the technology and/or compliance evolution, the massive impact on businesses everywhere and the increased impacts for years to come are undeniable. There is inherent savings in managing compliance proactively rather than reactively. The ability to proactively incorporate protections and controls into the technology saves money by avoiding the need to retrofit solutions and minimizes the risk of being fined or incurring costs due to a data breach. Those organizations that can be more strategic and forward-thinking will not only save significant time and money but will also find innovative ways to leverage technology and data to affect the bottom line positively. Strategic compliance can provide business value, but collaboration is key.
See Also:
Featured Vendors
EDITOR'S PICK
Essential Technology Elements Necessary To Enable...
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
Comparative Data Among Physician Peers
By George Evans, CIO, Singing River Health System
Monitoring Technologies Without Human Intervention
By John Kamin, EVP and CIO, Old National Bancorp
Unlocking the Value of Connected Cars
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
Digital Innovation Giving Rise to New Capabilities
By Gregory Morrison, SVP & CIO, Cox Enterprises
Staying Connected to Organizational Priorities is Vital...
By Alberto Ruocco, CIO, American Electric Power
Comprehensible Distribution of Training and Information...
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
The Current Focus is On Comprehensive Solutions
By Sergey Cherkasov, CIO, PhosAgro
Big Data Analytics and Its Impact on the Supply Chain
By Pascal Becotte, MD-Global Supply Chain Practice for the...
Technology's Impact on Field Services
By Stephen Caulfield, Executive Director, Global Field...
Carmax, the Automobile Business with IT at the Core
By Shamim Mohammad, SVP & CIO, CarMax
The CIO's role in rethinking the scope of EPM for...
By Ronald Seymore, Managing Director, Enterprise Performance...
Driving Insurance Agent Productivity with Mobile and Big...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
Transformative Impact On The IT Landscape
By Jim Whitehurst, CEO, Red Hat
Get Ready for an IT Renaissance: Brought to You by Big...
By Clark Golestani, EVP and CIO, Merck
Four Initiatives Driving ECM Innovation
By Scott Craig, Vice President of Product Marketing, Lexmark...
Technology to Leverage and Enable
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
AI is the New UI-AI + UX + DesignOps
By Amit Bahree, Executive, Global Technology and Innovation,...
Evolving Role of the CIO - Enabling Business Execution...
By Greg Tacchetti, CIO, State Auto Insurance
Read Also
Building and Maintaining a Risk Averse Security Program
The Race to Digitize the Insurance Industry
FinTech Down, "But Not Out"
The Softer Side of Directing Digital Transformation
Why Digital Transformation Matters in 2023
Asset Tokenization Disrupting Finance and Trade of Real-world Assets
