Employers are expected to invest more money to protect personal information in response to increased government regulation and enforcement and to stem the rising tide of risk, according to a new report released by Ernst & Young.
The report, "
"In an increasingly borderless business environment, protecting personal and professional information is a paramount concern," says Bernie Wedge, who heads the Americas information technology risk and assurance practice at Ernst & Young.
"New technologies associated with mobile communication, social networking and cloud computing have erased the boundaries of how we do business today, but while these new technologies provide tremendous opportunities, they also present new privacy risks for organizations and employees alike."
In addition to increased investment, the report details several inter-related trends that affect
• Gradual transitioning to cloud computing that demands robust vendor risk management and third-party reporting capabilities to address privacy risks;
• Increasing use of mobile devices that should require organizational management of geo-location abilities;
• More and deeper internal audits and an increasing desire for an organization to obtain an external assessment against generally accepted privacy principles;
• Growing demands for service providers to obtain an independent assessment of their privacy and security practices;
• Social networking between the organization and customers, employees and job candidates, resulting in the development of further privacy protection policies; and,
• Evolving professional expectations, leading to privacy certifications in specific jurisdictions or industries.
The report also notes that as regulations concerning data protection and privacy are expected to proliferate, companies must be certain their enterprise-wide privacy protection strategies meet current needs and anticipate future challenges.
Fineberg writes for Accounting Today, a SourceMedia publication. Follow EBN on:
