E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: eWeek

Posted on April 23, 2003 (Happy Birthday to our Chief Researcher)

      There are some supremely knotty questions surrounding the issues of privacy, especially for enterprise IT professionals, whose very jobs put them in the unique and sometimes perilous position of having to protect data on many fronts.

      "Privacy for Data Systems," the topic of an invitation-only symposium held earlier this month at IBM's Almaden Research Center, explored some of the privacy challenges faced by enterprises and the role IT managers have to play in ensuring that private data is secured.

      Sept. 11, 2001, shone a glaring spotlight on privacy. People who had never given a second thought to privacy were suddenly willing to give it up because of terrorism fears.

      Things have become a bit more balanced since then, but the issue of who has the right to know what -- and who has the right to obscure what -- can be complex, troubling and potentially dangerous for companies that don't have their organizational culture, policies and technical systems in order.

      IT managers should start a discussion on privacy that enables company management to remain at least a step ahead of the many privacy regulations that are likely to emerge during the next several years. IT experts, for example, are uniquely positioned to advocate data storage and access policies that protect customers and employees from the kinds of increased surveillance activities that are being developed by organizations including DARPA (Defense Advanced Research Projects Agency) and the FBI.

      Rakesh Agrawal, chairman of the Almaden symposium and IBM fellow, spoke with eWEEK Labs about some of the tough data privacy questions facing IT.

      "Until now, the question has been how to make sure data was stored and accessible," said Agrawal at the symposium, in San Jose, Calif. "Now, we think about how to make databases 'forget' information that is no longer needed. We are working on the question of associating information about data expiry."

      Before a database can forget in a responsible and planned way, however, it must know. This means customers must provide valuable, private, personally identifiable information. Based on our research of privacy statements and discussions at the symposium, it is clear that IT managers can lead a re-evaluation of company policy that places customer privacy first.

      For example, Ann Cavoukian, Ontario privacy commissioner and author of "The Privacy Payoff" recommended that enterprises look at privacy as a business concern rather than a compliance issue. "Businesses should embrace privacy and show customers that their private information will be used only with their permission, full stop," Cavoukian said. "In the online world, trust is practically synonymous with privacy."

      Companies would do well to aggressively market simple, strict privacy agreements to customers. One of the biggest benefits is that the company gets ahead of the evolving, mutable consumer privacy legislation. If a company's privacy policies convey the idea that customer data will never be used for anything other than the original purpose of the transaction, lawyers will have a lot less to fiddle with.

      Organizations required by law to keep data private -- such as health care agencies and financial institutions -- can still make stringent privacy a distinguishing characteristic. For example, while HIPAA ( the U.S. Health Insurance Portability and Accountability Act) requires that all organizations handling patient information comply with the same rules regarding access and maintaining audit trails, assured timely access could be a selling point. Making sure that a doctor or nurse is never denied appropriate access, for example, is a major concern for many hospital IT directors.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.