We live in an unprecedented digital age where our data is collected all the time. As automation and electronic systems increase, the amount of data we generate increases along with it. It is estimated that around 79 Zezzabytes of data was generated in 2021 worldwide (one Zezzabyte is equal to a billion Terabytes).
While a legal and regulatory framework govern how organisations and businesses can obtain, store, and use data, there are ethical considerations that need to be embedded into this framework. A failure to take a holistic and considered approach may lead to data breaches, hefty fines, reputational and brand damage, not to mention the scrutiny from the court of public opinion! It seems that consumers, clients, and the public at large expect a higher ethical standard over and above “black letter law”.
Why does that matter?
Clients and consumers see businesses and organisations as the trusted custodians of their data and need to know that this data is valuable and will be treated as such. Data hygiene is important to end-users as data can easily be manipulated and lead to negative outcomes if it lands in the wrong hands.
Unless businesses and organisations plan for various scenarios and have a playbook for a data breach, they will not know how to handle one. Clients and consumers expect transparency and accountability when it comes to data processes. This includes the procedures that will be followed when things don’t go to plan, how that will be rectified and what risk mitigating steps will be taken to decrease the likelihood of it happening again.
What is the solution?
What should businesses and organisations consider?
Businesses and organisations can consider holding themselves to their values and mission statements by ensuring that their decisions and data handling processes are dictated by their values and vision.
Below are some helpful considerations that businesses and organisations can turn their minds to: –
- What do we use client/end-user data for?
- Why is that data important to us?
- What is the legislative framework for our data collection and use?
- What is our baseline for data handling?
- Does our baseline data handling meet client/end-user expectations?
- How do we lift the baseline to an ethical standard?
- How do we internally govern privacy and data handling?
- How do we audit, monitor, and remediate our data handling?
- How do we operationalise our data handling principles?
The answers to these questions will vary from one business or organisation to the next. Processes and procedures will most likely need to be tailored to meet internal needs and external client expectations.