Working with Big Data Consulting Firms to Reduce Risks Tied to Big Data Compliance
Like any other technology, there are rules and regulations that govern big data. If you are looking into using big data solutions, it is never too early to start. Big data has changed the landscape because of the vast amounts of information coming in from different and usually new sources. What makes it more complex is that big data is often transformed and repurposed. All of these give companies new challenges that are unique and might necessitate a change in compliance policies, especially where security, safekeeping and privacy are concerned. And big data consulting companies might be able to help.
Michael R. Overly, a Technology Transactions & Outsourcing and Privacy, Security & Information Management Practices partner at Foley & Lardner LLP’s Los Angeles arm, says that big data compliance can present unique challenges with the increasing number of regulations, standards, contractual obligations and laws that relate to it. These challenges can sometimes prove to be overwhelming. In the confusion and deluge of data, most businesses tend to develop a narrow vision when it comes to big data. For instance, they tend to focus more on making sure that there are personally identifiable information that are well safeguarded and secured, but they neglect securing other critical information that are related to their marketing efforts, trade secrets and other things. Comparing the new big data landscape to a forest, Overly says that most businesses are looking at a single tree or branch rather than the big picture.
Big data comes from a wide variety of sources. It could come from photos, videos, other companies that have sold their own data, audio clips, and other similar sources. These data are then cleaned up and mashed up by data analytics consulting firms or in-house data analysts in order to prepare them for analysis, so that they could deliver insights that business leaders need. In short, raw data is transformed. For example, Michael Shirley, 24, living at 555 Rodeo Drive, will be anonymized and will become millennial man in zip code 90210 with income of more than $100,000. This, in turn, may get transformed again to rich young male in California. When this happens, traditional compliance functions may be a little difficult to apply because the data you get are almost always transforming and changing.
So what do you do? Overly suggests that enterprises create their own corporate framework that would help them deal with compliance when it comes to big data. This would include addressing the data, knowing the systems where the data are located, knowing the various people who can access the systems, and knowing if the data can be accurate or not.
Other concerns related to big data compliance include:
- Evaluating the risk of different types of big data.
- Protecting intellectual property.
- Legally disclosing the nature of data being taken from customers and other stakeholders.
Overly further suggests that organizations use third-party big data consulting firms and auditors to help them in this process.
How do you lower the risks associated with big data compliance? Work with a big data consultancy firm and work out how to:
Evaluate your current compliance efforts.
There are only a few companies that put importance on their big data compliance. What most companies do is to have IT guidelines that would govern security, privacy and data safekeeping. These guidelines are used for transactional system of records. There are companies that also publish yearly security and privacy statements that are meant to be read by their customers and stakeholders.
Part of data governance is to answer several related questions including the following:
- How do your customers feel about the data that is being gathered about them, whether these data are gathered on the Internet, through social media, sensors, chips, RFID chips, loyalty cards, and other technologies?
- Who will own and control these data?
- What is the trade-off between privacy, security, rights, and making use of the data for innovations and other services?
- How do you ensure data quality and interoperability? What curation systems should you use?
- What is the impact of big data on the company’s current legal, regulatory and communications systems?
The sad truth is that very few companies have policies in place that would sufficiently address the ownership, security and privacy of data, especially when they decide to sell it. With data always changing, businesses should know at which points should compliance be enforced, and how to do that.
Review current systems for security and protection.
Paper records still exist, although a lot of organizations have started digitizing these paper records and building on them. These records often contain confidential information. For instance, a health care institution would have paper records that include patient health information, banks will have paper financial records of their clients, while others would have patent designs and trade secrets.
For most of these organizations, there are already security and protection policies in place to help secure these records. These policies include limiting access to the system to certain people and limiting access to the room where these records are kept. With big data coming into the picture, these traditional records are often paired with third-party data and other systems of record to help make them even more useful. For instance, patient information would be paired with sensor readings coming from the patient’s Fitbit to help paint a more comprehensive health picture. And if this were the case, your traditional compliance policies would need to be updated and revisited.
Introduce new strategies for big data compliance management.
Your organization might be used to using relational databases that have structured data. These databases are very easy to search and sensitive information is easy to identify and access. With big data, that is not the case. Data could be unpredictable and not structured in anyway, thus search is almost always a waste of time. That means that searching for confidential and sensitive information, which would need to be protected because of regulatory laws, is also impossible. And this is the reason why you need new strategies to manage your compliance with big data involved.
Need help with your big data services? Four Cornerstone could easily act as a big data strategy consulting partner for your business. We can also help you take advantage of the various technologies that can help you harness the power of big data without the risk, with specialized offerings such as Hadoop consulting, as well as other big data solutions. Just fill out our short contact form or call us!
Photo courtesy of KamiPhuc.