Rachael Giannetti on The Big Data Boom's Effect on Compliance

Have you listened to Spotify, treated yourself to a Starbucks latte, or ordered something from Amazon recently? If so, you have become part of the big data compliance conversation. You see, companies such as the ones above (and many, many more) have compiled data about you that better serves their ability to deliver results and products you will be happy with.

More than ever, companies are hosting massive amounts of information about their customers. This information can be worth a lot to certain people and can have devastating effects for the customer if it ends up in the wrong person’s hands.

In recent years, a number companies, and those who use their services, have found themselves the victims of massive data breaches. Credit card information, medical records, addresses, and phone numbers, as well as internet and purchase history can be gleaned from the companies who store this information and used in a number of different, nefarious ways. Due to this, the landscape has changed drastically within the past few years.

Too Many Laws to Keep Up With?
The finance and healthcare industries seem to have been hit the hardest when it comes to big data compliance. Not only do they face numerous new laws and regulations, they also have contractual standards, non-binding industry standards, and guidances for best practices. Staying on top of the changes in best compliance practices surrounding data is also subject to frequent change due to the swiftly changing nature of data itself. Companies may be noncompliant and their customers at risk due to an unforeseen crack in their security or a change in regulation.

Not Commonly Understood Technology
What happens when those making the laws do not fully understand the technology they are trying to regulate? Big data, to those unfamiliar with it, is inherently complicated and technical. The compliance laws surrounding data are just as complicated but not technical enough. Most of compliance revolves around clear definitions and guidelines. However, when it comes to data, many rules and regulations contain language such as “acting appropriately.” Meaning, if a company can prove they were taking appropriate action, they will usually not be found in violation of the law.

Unequal Prioritizing of Breaches
Which is more important to you to keep private: your name and address or your social security number? Many companies who house data have varying levels of security based on the kind of information they store. Names and addresses alone have less enhanced security measures, while databases with names, addresses, and social security numbers are more likely to have more thorough protective measures. In data compliance they call this concept scaling. In essence, scaling is how a business determines whether or not they need to spend time and money addressing a particular security risk. Either way, what they’re bargaining is your private information.

As the use of big data by business continues to expand, the laws and regulations surrounding it will have to be tailored to better address the problems it creates. Protecting consumer data is a priority and is becoming increasingly dire every day. While on the right track, nailing down these regulations to be more precise and succinct will be the goal over the next few years.

This article was originally posted on RachaelGiannetti.com on February 28th, 2019.

Rachael Giannetti is a compliance manager for a registered New York, Florida, and New Jersey Mortgage Broker specializing in residential loans. Since her start with the company in 2011, she has been instrumental in numerous implementations and developments, and credits her success to her ability to stay on top of compliance news and trends. Where many find compliance to be arduous, Rachael loves the opportunity to face challenges and find the perfect solution. Giannetti earned her Bachelor’s degree in Public Relations from Hofstra University, where she also minored in Political Science. She then attended the University of Bridgeport where she earned a Master of Science in Education, completing her graduate degree. For all things compliance, be sure to visit her website at RachaelGiannetti.com.