Search

Search the portal for all insights below:

Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
Other Sectors

Threading the Needle: Ethics and the Business of Data

In an age when the business world runs on the fuel of data, it’s not surprising that it is considered an intrinsic asset to organisations across the world. Why then, is it still so frequently managed like a bi-product? After all, those wells of information could dry up if companies fail to take into consideration the value and impact of personal information to individuals.

 

Fortunately, hacking your culture isn’t as daunting as it might first sound as it is, in fact, the process of identifying vulnerable points in a company’s culture and turning them into real change that sticks. So, how can businesses achieve this, and will it really improve productivity?

 

Undoubtedly, GDPR cast a spotlight on the importance of the ethical use of data. However, boundaries are still being pushed and companies are still unclear on what they can and can’t do. Businesses must, therefore, get to grips with these issues as failing to do so could leave individuals reluctant to share their personal information, potentially resulting in the company not having the data it needs to operate or function fully. In this blog, we’ll look at exactly how businesses can achieve this:

 

Take a clear view

 

The idea of information ethics extends beyond the concepts of fair dealing into the information space and provides the foundation for building trust with individuals regarding the collection, use and disclosure of their personal information. The first step in ethical data management is to understand the different aspects of building trust and the concerns individuals might have regarding handing over their personal data.

 

People tend to view allowing an organisation to have their personal information as a risk because they must rely on that organisation to protect and safeguard it. Often, people don’t have a clear view of how their data will be consumed and processed, and what will happen with their personal information. Businesses should take a clear view on the issues of how personal data is being stored, managed and used, in order to maintain trust with consumers.

 

Build a trust framework

 

To address the three concerns of risk, reliance and results, businesses must build a trust model for their interactions with individuals. Firstly, focusing on risk, they must be transparent about the handling and processing of personal information. Next, the organisation must stand behind what it does with the information and be accountable for anything that occurs that is not consistent with how it communicated the processing of it. Finally, the organisation must provide the individual with a map detailing the path of their data so they can see the lifecycle of the information relative to their relationship with the organisation. This framework will ensure they are operating in a way that is both compliant and ethical.

 

Promote the initiative company-wide

 

Additionally, despite the subject of privacy being a board-level and senior management risk issue, barely half of organisations have adequate controls in place. To change that, it is vital that the message of data privacy, the support for controls throughout an enterprise and the organisation’s stance on the ethical use of data comes from the top. To achieve this, an increasing number of businesses are appointing senior people to lead the governance and ethics roles. For instance, my role at InterSystems is Data Protection Officer, while other companies may have a Trust and Ethics Officer or Chief Ethics Officer. The responsibility of these individuals is to ensure the business maintains both compliance and trust. The creation of these roles sends a strong message that trust, and by extension, privacy, security, and ethics, are at the forefront of the culture of an organisation.

To ensure the entire company adopts an ethical approach to data, those at the top should ensure they use clear language when talking to employees about this issue. However, the harder job is making sure that what is said matches the actual activities that occur with personal information. Fortunately, by adopting a culture that includes a trust model of transparency, accountability and governance will provide a framework for the organisation to address this challenge.

 

Getting ahead of the competition

 

In the end, information ethics is a competitive differentiator as individuals now begin to choose which organisations that they will interact with depending on not just economic or convenience factors, but also how well the organisation protects and safeguards the personal information that it has.

Read more from Ken Mortensen here on the topic of ethics with Data Economy and ITProPortal.


Ken Mortensen

Data Protection Officer Global Trust and Privacy, InterSystems. As an attorney and engineer, Ken Mortensen is a privacy and security professional with over 20 years of legal and over 30 years of IT experience. Based in Cambridge, Mass., Ken currently leads Global Trust and Privacy at InterSystems as the Data Protection Officer. He works globally across the company to enhance information privacy, governance, and cyber risk processes. Before InterSystems, Ken served in a number of chief privacy and security roles at PwC, CVS Health, and Boston Scientific.