Could new data laws end up bankrupting your company? 😧 Matthew Wall, Technology of Business editor for BBC News, provides an EXCELLENT overview on why we should all care about the General Data Protection Regulation (GDPR). 📚 Simply put, GDPR will mean that:
Organisations need to keep records of all personal data, be able to prove that consent was given, show where the data’s going, what it’s being used for, and how it’s being protected.
However, according to EMW Law, only 29% of UK businesses have begun preparing for the change, “a shocking figure, as on average organisations need 12-15 months to prepare”. ⏳ The consequence? Consult Hyperion have predicted that banks alone will be fined €4.7 billion over the first three years (from May 2018). 💸 💸 💸
Furthermore, the new regulation will make it mandatory for organisations to report all data breaches within 72 hours - basically the opposite of how the AA exposed emails, credit card data and then didn’t even inform customers.
If you want to share data with a third party you must show that the sub-contractors will keep that data safe and private. That’s a big problem because most subcontractor contracts don’t have these clauses in them. Organisations need to start renegotiating these contracts now.
What is the impact of disconnected data? 🔌 SnapLogic published a research report which claims that disconnected data is stifling innovation and costing organisations $140 billion each year. 😳 Furthermore:
Nearly three quarters (72%) of respondents feel that their organisation is missing out on opportunities as a result of disconnected data.
Forty-six percent (46%) also state that disconnected data is impacting their ability to engage, support, and meet the needs of customers.
Data silos and ineffective collaboration are to blame. Over half (56%) feel that these silos are building barriers between them and their business objectives.
Earlier this week, the Information Commissioner’s Office (ICO) ruled that the Royal Free hospital broke the law when it gifted 1.6 million patient-identifiable records to Google’s DeepMind. 😱 The ICO view Royal Free as the “data controller” - making the hospital responsible for ensuring all data processing is in accordance with data protection laws.
Crucially - as put by the Information Commissioner, Elizabeth Denham, “it’s not a choice between privacy and innovation” and the legal breaches “were avoidable”. 💯 Dame Fiona Caldicott, the National Data Guardian, reiterates Denham’s reasoning and calls for innovation within legal frameworks:
I’m afraid that a laudable aim – in this case developing and testing life-saving technology – is not enough legally to allow the sharing of data that identifies people without asking them first. We need to reassure the public there are always strong safeguards in place to make sure that confidential information will only ever be used transparently, safely and in line with the law and regulatory framework.
In a blog post, DeepMind explained their perspective - ending on the note that their “most important challenge” is getting the “ethics, accountability and engagement right”, so new technologies can have an “incredibly positive social impact”. 🌝
England’s Chief Medical Officer, Prof Dame Sally Davies, called for a gene testing revolution - so NHS care can be tailored based on the individual’s unique genetic code. ⛓ IMPORTANTLY - Dame Sally stated that patients need to allow the use of their data - “in order to get the best diagnosis and therefore the best treatment”. 🏥
Whilst speaking to BBC Radio Four’s Today programme on Tuesday, Phil Booth (from MedConfidential) pointed out that “every single use of patient data must be consensual, safe and transparent” - and patients must have the option to opt-out.
Lastly, writing for Datanami, Alex Woodie explores the obstacles around data integration and privacy. 🔮 Most notably, Woodie quotes Michael Stonebraker, adjunct professor at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and the 2014 winner of the Turing Award:
Imagine this simple example: you show up at your doctor’s office and have an x-ray done and you want the doctor to run a query that shows who else has x-rays that look like yours, what was their diagnosis and what was the morbidity of the patients. That requires integrating essentially the country’s entire online medical databases and presumably would extend to multiple countries as well.
While that is a daunting data integration challenge, because every hospital chain stores its data with different formats, different encodings for common terms, etc., the social value gained from solving it is just huge.
Definite food for thought!