Search

Legal Departments Need More Control Over Corporate Data Compliance Programs | Corporate Counsel - Law.com

sambitasa.blogspot.com
Data privacy Photo: Shutterstock

Although best positioned to understand the patchwork of different data privacy laws across the country, only one in six legal departments are tasked with ensuring that data is managed in compliance with those laws, according to Exterro Inc.’s 2020 Corporate Legal Leaders Survey.

Bill Piwonka, chief marketing officer of Exterro in Beaverton, Oregon, told Corporate Counsel that there is an increasing number of legal departments taking charge of data compliance. However, 54% of respondents indicated that corporate information technology functions are tasked with ensuring data is managed to comply with different legal requirements.

“All of the issues surrounding legal, governance, risk and compliance all start with the fundamental element of data,” Piwonka said. “How companies collect, store and access data determines the amount of risk that data poses to the organization.”

Legal is best suited to understand the various reporting times for when a data breach occurs and the risks associated with holding on to consumer data longer than required by law. While many general counsel acknowledge the importance of deleting data, seven out of 10 of the general counsel who responded indicated that their organization does not have a data minimization/deletion program. Only one in five respondents indicated their organizations had a plan in place for managing data in relation to privacy, legal, compliance and cybersecurity issues; however, 99% of respondents recognized the importance of such a plan.

“All of this is very important, but the reality for us (and I know from many conversations with other GCs at other organizations) is that we are severely overworked, overwhelmed and understaffed, so the urgent crisis always takes precedence over the ‘we need to do’ list,” an anonymous general counsel who responded to the survey said.

Many corporations have taken the view that data storage is cheap, Piwonka said, and they do not want to miss out on business opportunities data can provide.

“No one wants to push the button to delete something,” Piwonka said. “If you permanently delete something that did have business value, that can be a career-eliminating move.”

Companies that fail to regularly delete the data they’re not legally required to keep could face the risk of having that data used against them in litigation and compromised during a data breach. There are also regulatory actions companies could face if they hold onto consumer data longer than necessary.

“If you’re keeping data that you shouldn’t be, you’re in violation of the CCPA [California Consumer Privacy Act],” Piwonka said.

Over 150 general counsel and chief legal officers responded to the survey. They come from organizations with legal departments that have less than five employees to those with more than 50 employees.

Let's block ads! (Why?)



"need" - Google News
June 12, 2020 at 03:58AM
https://ift.tt/3dWgMuz

Legal Departments Need More Control Over Corporate Data Compliance Programs | Corporate Counsel - Law.com
"need" - Google News
https://ift.tt/3c23wne
https://ift.tt/2YsHiXz

Bagikan Berita Ini

0 Response to "Legal Departments Need More Control Over Corporate Data Compliance Programs | Corporate Counsel - Law.com"

Post a Comment

Powered by Blogger.