Services Industries Cloud Cybersecurity Digital EngineeringNXT HOLMES Geographies

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platform
Consulting
Infrastructure Services

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platform
Consulting
Infrastructure Services

Client Themes

As a service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything

Client Themes

As a service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public sector
Retail
Semiconductors
Travel & Transportation
Utilities
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public sector
Retail
Semiconductors
Travel & Transportation
Utilities
America
country usa
United States
country canada
Canada
country brazil
Brazil ( English  |   Portuguese )
country maxico
Mexico ( English  |  Spanish )
country latam
Latam
Continental Europe
country benelux
Benelux
country nordic
Nordic
country france
France
country dach
Dach ( English  |  Deutsch )
Africa
United Kingdom & Ireland
Asia - Pacific
country
Asean
country
Korea
country
China
country
Australia
country
Japan ( English  |  Japanese )
country
Taiwan
India & Middle East
country India
India
country
Middle East
Global Site
America
country usa
United States
country canada
Canada
country brazil
Brazil ( English  |   Portuguese )
country maxico
Mexico ( English  |  Spanish )
country latam
Latam
Continental Europe
country benelux
Benelux
country nordic
Nordic
country france
France
country dach
Dach ( English  |  Deutsch )
Africa
United Kingdom & Ireland
Asia - Pacific
country
Asean
country
Korea
country
China
country
Australia
country
Japan ( English  |  Japanese )
country
Taiwan
India & Middle East
country India
India
country
Middle East
Global Site
< Manohar Ganshani

The growing importance of privacy and confidentiality

Services
Industries
Cloud
Cybersecurity
Digital
EngineeringNXT
HOLMES
Geographies
Contact Us
About Wipro
Careers
Locations
Leadership
Investors
Innovation
News and Events
Blogs
Analyst speak
Products & Platforms
Partner Ecosystem
Sustainability

January | 2013

Concerns about privacy protection are increasing steadily. With the burgeoning of e-commerce, the growing use of social media, and as more users use the internet for everything from filing their taxes to venting about their employers, there is a large amount of personal information that resides outside the user's protected domain. According to Gartner, data breaches, cloud computing, location-based services and regulatory changes will force virtually all organizations to review, and at least half of all organizations to also revise, their current privacy policies.

But first, let me detour a little bit, to explain the difference between confidentiality and privacy. Confidentiality is the assurance that certain information about a person will not be disclosed without his/her permission. Privacy is a person's desire to control the access of others to themselves. In other words, privacy relates to a person while confidentiality relates to data about a person.

Governments and regulatory authorities are taking steps to regulate the use of personal information, and organizations must execute a top-down approach of privacy impact management. Such an assessment needs to look at all the processes in the customer service delivery function - order handling, sales and service, billing, and call center - and going deeper into CRM, to retention and loyalty and other processes. In a nutshell, it should cover all processes within fulfillment, billing and revenue management as well as fraud management. ERP, email and employee portals should not be overlooked. There are four steps to be conducted during an impact assessment:

1. Define the privacy and the Personally Identifiable Information (PII) elements as well as the drivers

2. Create a PII inventory to match business processes and underlying applications and infrastructure

3. Carry out an impact assessment and determine the critical processes, their boundaries and touch points

4. Enforce privacy management through policies and frameworks to comply with the impacting regulations

Implementing the appropriate enterprise-wide privacy framework and adopting the right technology is critical. For example, it may be necessary initially to ferret out the PII data within the systems and then build the technical options for data protection. Other areas that are equally demanding are user awareness and training as well as privacy enhancing technologies that provide a degree of anonymity (which in turn builds trust and reduces risk), and monitoring and reporting violations. At a higher level, end-user entitlements, data storage at rest and at transit and third party agreements driven through the procurement and vendor relationship cells should not be overlooked.

Maintaining privacy and protecting personal information of the customers and the employees is important for all organizations. Privacy management should go beyond mere regulatory requirements, since it not only impacts an organization's reputation but can lead to financial losses due to loss of revenue and litigation.

About the Author

Manohar Ganshani heads the Governance Risk & Compliance practice in Wipro Consulting Services. He is a BE in Computers. Manohar carries 21 years of experience in the field of Information Technology with over 11 years in the area of Information security, IT security, Cyber security, Data privacy, Regulatory compliance, Security strategy, policy and architecture design. As a practitioner, he has handled many complex engagements in the risk and compliance space for the clients in US, EU, APAC apart from India. As a practice head he commands a significant experience on conceptualizing and developing new service lines around Cyber security, Social media security, Data privacy, Information security management systems, Payment card industry compliance solutions, Business continuity assurance services and Cloud security. As a thought leader, he has written and spoken on various issues like mobile security, cyber security, critical infrastructure protection, privacy for telecom, insider threat, social media security and social awareness etc. at various forums organized by the industry and state governments
X