SUMMARY OF DISCUSSION

 

What is the discussion about (overview of group discussion)?

Value of data vs risk of data breach

 

What are the critical areas discussed and why it was imperative to the group?

Critical discussions – key to establish governance and rules, as well as establish data owners who make decisions

 

What are three to four takeaways from the discussion?

  • Data is good for business
  • Balance risk of exposure vs potential business value of data
  • Must have valid business justification for data use and access
  • Best to aggregate and anonymize data to minimize risk

 

Do you have any recommendations to share?

Recommendations included – orgs to appoint a Data Privacy Officer who will dictate retention rules, access rules, etc. Act as a liaison between security, business, and legal.