NIST Privacy Framework : Our Essential Data Protection Guide


New Survey Signals Need for Smoother Implementation of Data Governance Technologies and Processes

Privacy-Grade data protection bridges gap by providing greater visibility and firm control of data without impeding user productivity

ST. PETERSBURG, FL, March 16, 2021 /24-7PressRelease/Spirion, a pioneer in data protection today announced the release of Deliver Effective Sensitive Data Protection with 3 Must-Have Standards, in collaboration with 451 Research, part of S&P Global Market Intelligence. Commissioned by Spirion, the report summarizes real-world feedback from 375 enterprise security professionals about their data privacy program’s organizational dynamics and the critical technological capabilities they rely on to support privacy programs amid increasingly complex regulations.

451 Research completed the survey in January 2021. The survey was designed to understand the technological and workflow practices, pain points, and limitations related to data privacy functions, such as data discovery, data classification, and data remediation.

The survey results reveal that 74% of organizations currently struggle to implement data usage and access policies—necessary for data privacy—without hampering business user productivity. Privacy-Grade data protection, through a combination of technologies and techniques, can effectively close the gap to ensure personal data protections are persistently enforced across the enterprise. It does so by providing the ability to detect and discover potentially vulnerable data, mechanisms for meaningful classification of data, and remediation capabilities that work in near real-time, allowing employees to securely access information with minimal friction.

“An organization’s ability to identify, retrieve, and remediate data associated with a particular individual or data subject are all quantifiable measures that are directly correlated with data privacy program efficacy and success,” said Paige Bartley, Senior Analyst for the Data, AI and Analytics channel at 451 Research, part of S&P Global Market Intelligence. “While less direct, the general efficiency of data-consuming individuals within the organization can indicate whether a privacy program is well-aligned with the organization’s overarching business objectives. Data can both be protected and used appropriately, but doing so requires the careful orchestration of people, processes, and supporting technology.”

“Responsibilities for data privacy practices are frequently spread across roles and departments, highlighting the need for a methodology that spans business functions,” said Jen Holtvluwer, Chief Marketing Officer at Spirion. “Privacy-Grade data protection embraces this reality by persistently protecting data in motion as soon as it is defined as personal. It also augments the human and process-oriented elements of an organization’s data privacy effort to support workflows and management of responsibilities.”

One of the more significant findings of the study is the fact that organizations with privacy programs spanning multiple regional regulations are better equipped to meet external Data Subject Access Requests (DSAR) deadlines while also supporting the data access requirements of internal line-of-business users without hindering their productivity. This finding suggests that strong data privacy programs likely increase overall awareness of data resources within the organization, contributing to better governance and outcomes across multiple data-driven initiatives.

Other key survey findings include:

  • Data privacy programs today have significant variations in their leadership and methodology.
  • For organizations with a multi-regulation privacy program, 53% report data privacy as a function of security.
  • Dedicated technology is common, with 82% of respondents reporting their organization uses a data privacy software or suite: defined as a technology primarily dedicated to helping organizations coordinate responsibilities and meet requirements related to data privacy.
  • The top-reported benefits to using automation in data privacy are higher confidence in compliance capabilities (38%), improved time efficiency (36%), and the ability to protect more data (35%).
  • Organizations that do not have a multi-regulation privacy program report much longer average times to retrieve data. Overall, 28% of organizations take “several days” or longer to retrieve data.

Privacy-Grade Data Protection
Privacy-Grade creates a baseline for privacy technology. The term defines a set of quality standards that facilitate better data protection practices. Data discovery, storage, and control form the core of Privacy-Grade. A data protection solution is considered “Privacy-Grade” when it can accurately discover, purposefully classify and automatically remediate any information defined as personal anywhere it resides within an organization.

Join us for a webinar with 451 Research’s Paige Bartley to look at how contemporary organizations are handling data privacy and data protection requirements: Privacy-Grade: Three Quality Standards for Sure-Fire Data Protection.

About Spirion
Spirion has relentlessly solved real data protection problems since 2006 with accurate, contextual discovery of structured and unstructured data; purposeful classification; automated real-time risk remediation; and powerful analytics and dashboards to give organizations greater visibility into their most at-risk data and assets. Spirion’s data protection software enables organizations to reduce risk exposure, gain visibility into their data footprint, improve business efficiencies and decision-making while facilitating compliance with data protection laws and regulations. The award-winning company recently received top honors for Data Classification and Governance Solution, and Privacy Solution in the 17th annual Cyber Security Global Excellence Awards and was recognized for its Data Classification and Privacy Product in the 2021 Cybersecurity Excellence Awards.