Understanding risk is vital to the operation of a mature privacy program. Many privacy laws around the world, including the EU General Data Protection Regulation, are essentially exercises in risk assessment. What is the appropriate protection and policy, privacy pros are constantly asked, for a given data set? The answer to this question demands risk assessment. Luckily, because the U.S. Securities and Exchange Commission requires most publicly traded companies to annually disclose potential risk factors, including exposure to cybersecurity threats and violations of consumer privacy laws, the IAPP Westin Research Center is able to examine how many of the world's largest companies assess risk and track that over time, providing a benchmark against which companies around the world can look at their own risk assessments. In this third annual "Privacy Risk Study," you'll find significantly higher concern about risks of legal action from privacy law violations, which jumped nearly 20 percent over last year, along with many other valuable insights. (IAPP member login required to access this report.)
If you want to comment on this post, you need to login.