Organisations had to adapt to the pandemic quickly when offices closed.
The result? More emails, videoconferencing, even customers contacting organisations via social media rather than in person.
And that’s where one big issue has arisen – data privacy within this unstructured information.
How many of us are now giving out our personal details to organisations in ways other than F2F?
An example might be registering a loved ones’ death via an electronic system rather than in council offices or having your doctor’s appointment over the phone rather than in person.
More and more we’re divulging our personal information in ways we didn’t have to before. And we’re probably not even blinking an eyelid over it.
However, it’s a huge issue, and in fact, the Information Commissioners Office (ICO) has recognised that data protection has become so much harder during 2020/2021 that it has addressed the issue directly.
So, why is unstructured data such a headache for organisations when it comes to Data Privacy?
- Unstructured data is hard to find
Unstructured data comes in so many different forms from so many different sources. How many of the following do you use daily in your work? Phone calls, video calls, emails, Word documents, collaboration software, social media? All of the above? We’re creating so much information nowadays that it can be hard to get a complete overview of our unstructured data in its entirety. From a data privacy perspective, the sources of unstructured data are only increasing, so there’s a risk that organisations may not be capturing them all.
- Unstructured data is hard to analyse
So, even if you could identify all your sources of unstructured data, how on earth do you begin to analyse them all? Finding personal data in amongst of all these is like finding a needle in a haystack. The data is not in a nice, neat, searchable format like a database so you really have to trawl through all the sources manually. And nobody has time for that!
- Unstructured data is hard to govern
Personal information should only be held for as long as absolutely necessary (usually dictated by regulation or law.) But if personal data is stored within one of your employee’s emails or in a telephone call when a user said their mother’s maiden name as a security question, how can that be governed appropriately? There’s usually no retention policy on unstructured data, so personal data could be held longer than allowed. A GDPR nightmare! The data has also not been organised and categorised correctly, so there’s a chance that data could been accessed by people who shouldn’t have access. A security nightmare too!
Unstructured data can be full of unknown risk, especially when it comes to data privacy. But if you don’t know what personal data you have, how on earth do you even begin to protect it?
You can also watch our on-demand webinar on Uncovering Data Privacy Risk within Unstructured Data by filling out the form below: