Sunday January 28 is Data Privacy Day. For developers it’s a great opportunity to take a step back and assess whether, and how, you’re building software that accounts for user privacy and data stewardship.
The National Cyber Security Alliance hosted an event this week to celebrate greater privacy education and awareness, and how data, privacy, and their relationship to one another have evolved at a significant rate in response to rapidly-changing technology. The participants had several insights that stood out to me to share with the Alliance audience, particularly as we embark on our data and trust education initiative.
Michelle Dennedy of Cisco closed her remarks with an important reminder that privacy engineering happens at the usability layer, the information layer, and the infrastructure layer, including identity management, data storage, and data hygiene “everywhere in between.” This is so important for developers to consider in all of their projects -- data and privacy regulations and good stewardship start at the beginning of development, whether you’re building a new technology to launch or working on a project for clients.
When it comes to regulations’ role in privacy and innovation, Alison Shaffer from Intel recommends that “the more a company can build to a regulation, or can instill that culture in their workforce [...] they’ll be able to differentiate themselves.” This principle is at the heart of the Alliance. We educate policymakers and advocate for the software developer industry by encouraging policies that allow developers to work in an open, collaborative market. But it’s also incumbent upon the developers to make sure their software is up to code with regulations governing data and privacy.
For instance, developers everywhere need to pay attention to the General Data Protection Regulation (GDPR) that goes into effect in May. Companies with European users will be required to follow new rules and add new processes around how they collect, store and use data. Similarly, software in the healthcare industry must be HIPPA compliant. If you are following laws and regulations from the get-go, you’ll be a step ahead of the competition and already building user trust.
I encourage our members to take a closer look at their own data practices, not just in preparation for new regulations like GDPR, but for your long-term success. As you do this deep-dive, let us know if you have any best practices that you’d want to share for our data and trust project. Connect with us soon as we’re preparing materials to launch.
Happy Data Privacy Day to all.