Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.
Privitar this week revealed it plans to make available a platform that enables IT teams to provision data end users can access via a self-service portal in a way that complies with privacy regulations.
The Privitar Data Provisioning Platform, available in beta in the second quarter, extends the platform the company currently provides to create, approve, and apply privacy policies, Privitar chief product officer Steve Totman told VentureBeat. The platform is expected to be generally available before the end of the year, he added.
Organizations of all sizes are now trying to navigate the large number of privacy regulations being enacted around the globe, Totman noted. But the processes they have in place to ensure employees only access data that complies with those regulations are immature, he said.
The Privitar Data Provisioning Platform aims to ensure that the data being accessed by end users complies with regulations such as the General Data Protection Regulation (GDPR) enacted by the European Union and the California Consumer Privacy Act (CCPA).
The data management issues around privacy regulation are especially complex in the U.S. There is as yet no national policy for data privacy, so individual states are advancing regulations on their own with slight differences. The Privitar Data Provisioning Platform will enable organizations to implement a set of best data operations (DataOps) practices that reduce their risk of running afoul of these regulations, Totman said.
As part of that effort, Totman said the Privitar Data Provisioning Platform will be integrated with data governance platforms and data catalogs such as Collibra, as well as data intelligence platforms like BigID.
Data privacy issues, in conjunction with digital business transformations, have heightened interest in a more comprehensive approach to data management. Data has historically been managed within the application employed to create it, but multiple applications wind up collecting data from the same customer while rendering their name differently. Across hundreds of applications, that issue creates thousands of opportunities for data to be created that conflicts with data in another application.
Data access and liability
Meanwhile, data privacy requirements have cast a spotlight on the problem of end users accessing data in a cavalier manner. This can result in end users gaining access to a wide variety of personally identifiable information (PII) that violates one or more compliance regulations or privacy laws. Those privacy laws in some cases now require organizations to generate reports addressing customer demands to detail how the organization actually employs their data. Other regulations might even go so far as to require organizations to track what data was accessed by not just which parties but also when.
These requirements have led some organizations to appoint chief data officers tasked with turning data into an asset while limiting any potential liability. “Data is an asset unless it isn’t treated well,” Totman said. “Then it’s a liability.”
The way forward
It may take organizations years to clean up a data management issue that in some cases has been allowed to fester for decades. On the plus side, organizations have never been more motivated to address these issues — out of both fear and potential gain. For one thing, organizations that manage data well are less likely to be fined. And those that can turn data into an asset that enables them to have better relationships with customers are much more likely to thrive in the age of digital business transformation.
Regardless of how data is managed, there is more of it with each passing day, which increases the probability data will at some point be mishandled. The degree to which that event results in a rebuke versus a fine will almost always come down to whether an organization can demonstrate it isn’t a reckless custodian of the data it collects.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.