Print
Email
Print Edition Stories
Friday, April 24, 2009
How I See It
Further changes needed on data privacy rules
MHT's Jim Connolly: Pink slip parties make a comeback
MHT managing editor Rodney Brown on NECN: 22 tech companies give back to community
How is the economic crisis affecting tech companies?
The protection of personal information is fundamental. Commerce as we know it could not function without customers’ willingness to provide personal data when opening an account, entering into a service agreement or executing a transaction. Balanced regulation that reinforces data security practices, without further burdening compliant companies already grappling with a deep recession, could help to reinforce consumer confidence among Massachusetts residents. More work is needed to ensure that pending state data privacy regulation strikes this essential balance.
We all know the financial and emotional toll caused by lax corporate data security safeguards, criminal intent to breach those safeguards, or some combination of the two. The rise of e-commerce and the rapid evolution of technology-based business practices have given rise to equally rapid advancements in the field of consumer data protection. Today’s consumers have come to expect assurances of data security from companies they do business with and will quickly abandon companies that fail to meet those expectations.
As such, companies take great pains to see that their customer data is protected with the most advanced technologies and procedures available. Their reputation, profitability and long-term viability depend on it.
Yet security breaches can befall any company. For that reason, sensible regulation on data privacy may help to bring all Massachusetts companies up to a baseline minimum of standards. The Patrick Administration took a step in that direction in February when it released an amended set of data privacy provisions. The amended regulation incorporated revisions that the business community had worked for in recent public hearings and private stakeholder meetings, including: extending the general compliance date from May 1, 2009 to Jan. 1, 2010; removing the third-party vendor written certification requirement; and limiting the encryption requirements for wireless devices.
Despite these revisions, implementation of this first-in-the-nation data privacy regulation will not be without impact on our state’s economy. Changes to long-standing customer service practices, the diversion of operating funds to meet rapidly evolving encryption or inventory requirements and limitations on vendor selection are just a few of the results that we can expect. At a time when the U.S. is hemorrhaging jobs and states are aggressively competing to recruit and retain industries, the perception and reality of this sweeping new regulation will certainly make our work here more challenging.
These regulatory revisions reflect a more collaborative public-private approach to securing customer data than had been contained in previously proposed versions. Yet the business community and state government need to continue working on the issues this regulation raises, to avoid implementing it in a way that harms our competitiveness. We must continue working to ensure that this data privacy regulation focuses on bringing outliers up to baseline industry standard, rather than penalizing those companies already employing best practices; that it reflects the time, expense and resource required of regulated companies seeking to comply, rather than heaping costly, process-laden requirements onto companies at the height of an historic economic crisis.
Collaboration between government and business stakeholders in the coming months could help to secure these further revisions, increase awareness of and assist employers in complying with the new requirements, and advance the shared goals of secure customer data and a thriving, competitive business climate.
Paul Guzzi is president and CEO of the Greater Boston Chamber of Commerce.
RSS Feeds
Comments
Please Login/Register to post comments.
No comments have been added or approved.