Develop Your Privacy Habit: Beyond Dreaming to Action

Author: Mark Zahorik Data Privacy Officer & Head Of IT Operations | OPMG

Discover the key to operational data privacy transformation. Learn why it’s crucial and how to implement it effectively.

Mark Zahorik, the data privacy officer & head of IT operations at Omnicom Precision Marketing Group, navigates the journey of embedding a data privacy culture within your business. Learn how collective responsibility and operational strategies can enhance consumer trust and ensure a safer, more secure future for both customers and companies alike.

Data privacy has become a forefront issue among leaders, and it is recognized as a crucial business need. Consumers are aware of this, with many placing a high priority on data privacy for their browsing and purchasing decisions. This sentiment is supported by the 2023 IAPP Privacy and Consumer Trust report, which reveals that nearly 68% of the approximately 5,000 global consumers surveyed are concerned about their data privacy. It is more than a fleeting concern; it is a key factor influencing where modern consumers shop online.

Furthermore, as technologies evolve, consumers recognize that privacy risk levels also change. According to the IAPP report mentioned above, 57% of respondents stated that using artificial intelligence (AI) in collecting and processing personal data posed a significant threat to their privacy.

Businesses recognize the importance of data safety and security; however, the journey toward organizational privacy remains largely uncharted. Although companies strive for a data-secure environment and affirm their dedication to privacy measures, the practicality of developing a “privacy culture” is too often overlooked.

A few years ago, data compliance was primarily the concern of legal teams. Lawyers were responsible for understanding data regulations and disseminating relevant information to the rest of the team on a need-to-know basis. Today, responsibility for data privacy extends beyond merely interpreting regulations; it encompasses the behavior of the entire organization, including the C-Suite, IT teams, marketing, sales, and customer service departments. In other words, it involves everyone.

It is time for businesses to transform their data privacy strategy into manageable, operational actions that the entire team understands and for which they assume responsibility.

Easier said than done, right?

Why Is Operationalizing Data Privacy Such a Challenge?

How can we begin to make data privacy an organization-wide priority? Why is it so hard to achieve operationalized data privacy — to create a “privacy habit?”

Organizations often include a network of roles and responsibilities. Each organizational stakeholder possesses a different lens to “operationalize” data privacy effectively. Various departments and lines of business may communicate distinctive perspectives and questions about data privacy, demonstrating different levels of understanding. This diversity impacts the establishment of daily awareness and routines around privacy.

Creating a solid set of data privacy operations requires empowering individuals (not just Data Protection Officers or DPOs) to contribute to the effort. Departments previously uninvolved must make space for data privacy tasks in their workflows. Privacy cannot be achieved through authoritative directives given to understaffed teams. Instead, executed through influence rather than authoritative commands, the responsibility of nurturing data privacy lies within the organizational framework.

Achieving overall, company-wide operationalized data privacy requires the application of organizational learning and operational efficiency techniques. Organizational privacy habits and operational efficiency must merge into one harmonious process the team utilizes to deliver its daily business objectives. This more inclusive approach ensures data privacy becomes a collective responsibility, not a siloed task. This is the essence of a “privacy habit.”

How to Create a Privacy Habit

Developing operational data privacy may seem complex, but the key lies in “getting things done” regarding data privacy in your business. Aim for progress, not perfection.

Initiating any organizational change presents challenges involving numerous stakeholders, diverse roles, various technologies, and different mindsets and ways of working. This is why viewing privacy as a set of habits is essential.

Crafting a strategy will help you habitualize data privacy in a structured and secure manner that is also responsive to the evolving landscape of data regulations and consumer demand. A data privacy strategy encompassing four focus areas will aid team members in accepting and understanding their goals and responsibilities.

1. Focus on the “what”: Making data privacy clear

Focusing on the “what” entails clarifying data privacy for the different members of your team. What is data privacy? What are the expectations of the company and consumers regarding data privacy? What does good privacy look like? Clarity is crucial for everyone to stay on the same page and to ensure that no one feels out of the loop or overlooked.

2. Focus on the “why”: Making data privacy attractive

To effectively implement large-scale operational changes, every organization member needs to understand why they are doing what they are doing. Why is data privacy important? Does it pose a risk to the business (e.g., regulation, end client exposure, etc.)? Why is it part of the responsibility of the X or Y department? Taking the time to emphasize the end user’s safety remains essential for keeping stakeholders engaged in forming data privacy habits.

3. Focus on the “how”: Making data privacy easier

After addressing the “what” and the “why,” the challenge lies in unraveling the “how.” How can team members effortlessly adapt data “privacy habits”? Like any habit, data “privacy habits” should be broken down into manageable chunks, making them easier to incorporate into their complex working lives. But how can opportunities for automation in reporting, auditing, and self-documenting processes streamline data privacy operations?

Integrating privacy principles within existing business routines and providing clear templates guide team members in executing their part in the data privacy operation. Instituting regular reviews with input from everyone ensures that actions remain relevant and attainable. Moreover, adopting a continuous improvement approach aimed at removing ‘friction’—by eliminating non-value-adding steps or making valuable steps easier—enhances compliance and simplifies the practice of data privacy within the organization.

4. Focus on the benefit: Making data privacy satisfying

Recognized stakeholders may need extra engagement to remain data privacy advocates, especially as the climate changes and demands on the business shift. Remind them of the benefits of privacy to ensure habit-forming actions remain intact. This is also an opportunity to reduce inefficiencies and labor efforts for data privacy operations.

Operationalizing data privacy is an important and multifaceted business challenge. It requires decision-makers to slide privacy up the roster of priorities and invest time in taking habit-forming actions. It is no longer enough to imagine a data-secure future; businesses must execute that future, practicing consistency and efficiency.

As AI and other technologies become increasingly part and parcel of our working lives, businesses must bridge the gap between consumer expectations, data privacy regulations, and business processes. Delivering data privacy develops customer trust and a competitive edge. Organizations able to forge privacy habits into their delivery processes will become leaders in their customers’ eyes…and wallets.

Mark Zahorik

Data Privacy Officer

Read full article here: