The key themes for this year’s Data Privacy Day are respecting privacy, safeguarding data and enabling trust. In light of new legislation that will be introduced in 2018, Simon Merrick, principal digital transformation consultant at Agilisys, uses today as an opportunity to share his view on the impending implications of data privacy on the public sector.
Parents and guardians of young children up and down the country will not be surprised when I say that my daughter learnt how to use an iPad without any training at the age of four, and could swipe from one game to another with more ease than she could feed herself.
I, like many parents, worry about what she can – and will increasingly – have access to or be exposed to digitally. My control of her digital privacy will almost certainly diminish as she grows. I take heart that right now, aged seven, I have relatively good control. Or do I?
In truth I only really have to trust the school she goes to who hold increasing amounts of digital personal data on her…and then there’s the NHS, our local council and a few online child and family related websites we use. Oh and Facebook, and my email account where we’ve sent or posted pictures and talked about my daughter.
The reality is that without active control and awareness, we are willingly giving our data privacy away. We have no choice but to trust the public sector organisations with whom we share our personal data. When that trust is abused or lost and we find our personal data has been compromised, we are suddenly actively interested in changing passwords or in some cases stop using a service altogether. By then, of course, it is all rather too late. Sadly, data privacy breaches are becoming regular headline news and the public sector is quickly recognising the potential social, economic and security impact of such failures of trust.
I am delighted to say the UK Government is taking a lead on this. It cites the impact of technology and cyber-threats as one of four key security challenges facing the UK. The National Cyber Security Alliance’s StaySafeOnline campaign seeks to increase security awareness at home, work and play in the UK.
The importance of respecting data privacy, safeguarding data and enabling trust will be thrust into the limelight on 28 January as Data Privacy Day seeks to raise the volume on this challenging aspect of our digital lives and global economy.
For businesses and the public sector though another significant date, 25 May 2018, should be in their diaries and that is the enactment of the EU GDPR. This new regulation will supersede the UK’s existing data protection act and significantly increases the fines that can be levied on organisations that fail to respect data privacy when processing EU residents’ personally identifiable information. Even if the UK leaves the EU, current government announcements support retention of the regulation beyond Brexit.
There’s much that can be done by public sector organisations to continue to earn that trust with their digital citizens. Let’s start with Data Privacy Day, which stands as the signature event in a greater privacy awareness and education effort. But we should also focus on year-round initiatives that educate citizens on how they can ‘own’ their online presence. Let’s also show government organisations how protecting data and individual privacy ‘by design’ is integral to the future of the public services they deliver.
Survey reveals councils need to do much more to protect data - with a quarter yet to appoint a data protection officer
Public authorities have been reminded of the need to meet the common Public Sector Network standards
New research has highlighted how organisations are failing to protect data properly, especially when utilising mobile working
Staff culture is still the most common reason for mobile working projects failing in the public sector, according to a new report on mobile working