Decoding the data dilemma: Strategies for effective data deletion in the age of AI

Businesses today have a tremendous opportunity to use data in new ways, but they must also look at what data they keep and how they use it to avoid potential legal issues.
Forrester predicts a doubling of unstructured data in 2024, driven in part by AI. But the evolving data landscape and escalating cost of breaches and privacy violations call for a critical look at how to create an effective and robust data retention and deletion strategy.
While the expected volume of data is growing, so are the cost of data breaches and privacy violations.
To manage data effectively, organizations need to craft a policy to delete obsolete data.
The longer a company stores data, the more opportunities for a data breach or fines for violations of privacy law.
The first step to minimize this risk is to take a comprehensive look at how a company is using its data, along with the nuanced considerations and tangible benefits of a data retention strategy.
Organizations often find themselves compelled to delete obsolete data due to legal requirements that are core to data protection laws.
The best way to identify which data can be considered obsolete, and which data will add ongoing business value, is to start with a data map that outlines the sources and types of incoming data, which fields are included and which systems or servers the data is stored on.
A comprehensive data map ensures a company knows where personal data lives, types of personal data processed, which types of protected or special category data are processed, the intended data processing purposes and the geographic locations of processing and applicable systems.
A meaningful data inventory and classification is the foundation for a solid privacy program and helps provide the data lineage needed to understand how data flows through a company's systems.
Once a company has a map of their corpus of data, legal and technical teams can work with business stakeholders to determine how valuable specific data might be, what sort of regulatory restrictions apply to storing that data and the potential ramifications if that data is leaked, breached or retained longer than necessary.
Imagine a data analytics team at a financial institution that wants to ensure lending eligibility models are trained on as much data as possible.
To reduce the change of inaccurate predictions, discuss with business stakeholders how data becomes stale and less valuable over time and which data is most reflective of today's world.
To help decide how long to keep data, start with affirmative legal obligations around maintaining financial records or sector-specific regulations around transactions that entail personal data.
Look at legal statute of limitation periods to determine how long to keep data if it's needed to defend against a potential lawsuit, and only keep personal data that's needed for a potential litigation defense, such as transaction logs or evidence of user consent, rather than every piece of data on individual users.
When it's time to clear out less valuable information, data can be deleted manually based on the retention period for each data type defined in the retention schedule.
Truly deidentified data generally falls under exemptions in data protection laws, but doing this correctly requires stripping out so much value that there's not much left to use.
As we've outlined above, there are several considerations in addressing obsolete data, including foundational data mapping and lineage, defining retention period criteria and working out how to implement these policies efficiently.
Navigating the intricacies of data deletion requires a strategic and informed approach.
If you want to read about cutting-edge ideas and up-to-date information, best practices, and the future of data and data tech, join us at DataDecisionMakers.


This Cyber News was published on venturebeat.com. Publication date: Sat, 16 Mar 2024 18:13:06 +0000


Cyber News related to Decoding the data dilemma: Strategies for effective data deletion in the age of AI

Ofcom publishes UK age verification proposals The Register - The UK's communications regulator has laid out guidance on how online services might perform age checks as part of the Online Safety Act. The range of proposals from Ofcom are likely to send privacy activists running for the hills. These include ...
1 year ago Go.theregister.com
PornHub now also blocks Texas over age verification laws - PornHub has now added Texas to its blocklist, preventing users in the state from accessing its site in protest of age verification laws. Texas' age verification bill HB 1181, passed last year, went back into effect last week after the State won an ...
9 months ago Bleepingcomputer.com
Teaching Digital Ethics: Navigating the Digital Age - In today's digital age, where technology permeates every aspect of our lives, the need for ethical behavior in the digital realm has become increasingly crucial. This article explores the significance of digital ethics education in our society and ...
11 months ago Securityzap.com
Decoding the data dilemma: Strategies for effective data deletion in the age of AI - Businesses today have a tremendous opportunity to use data in new ways, but they must also look at what data they keep and how they use it to avoid potential legal issues. Forrester predicts a doubling of unstructured data in 2024, driven in part by ...
9 months ago Venturebeat.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Mississippi Can't Wall Off Everyone's Social Media Access to Protect Children - In what is becoming a recurring theme, Mississippi became the latest state to pass a law requiring social media services to verify users' ages and block lawful speech to young people. Once again, EFF explained to the court why the law is ...
5 months ago Eff.org
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
6 months ago Esecurityplanet.com
In the Crosshairs: Addressing Emerging Threats Through Adaptive Software Development - To counteract these ever-changing threats, organizations must adopt adaptive responses that can dynamically adjust to new challenges and vulnerabilities. This article zeroes in on the crucial intersection of adaptive software development and ...
9 months ago Cybersecuritynews.com
Privacy Education for Students: A Vital Curriculum Component - Recognizing privacy as a fundamental right, educators are increasingly acknowledging the importance of integrating privacy education into the curriculum. This article explores the significance of privacy education for students and its role as a vital ...
11 months ago Securityzap.com
Marketing Strategies for PaaS Services: Get Ahead of the Curve - With the ever-growing demand for cloud-based performance and services, Platform-as-a-Service (PaaS) is becoming increasingly critical for modern software development. PaaS is a cloud-based platform, providing businesses with an integrated suite of ...
1 year ago Hackread.com
How to Enrich Data for Fraud Reduction, Risk Management and Mitigation in BFSI - To stay ahead of these challenges, organizations are increasingly relying on data products to enrich their data and enhance their fraud reduction and risk management strategies. The Data Revolution in BFSI. Data is the lifeblood of the BFSI sector. ...
10 months ago Securityboulevard.com
Data Loss Prevention for Business: Strategies and Tools - Data Loss Prevention has become crucial in today's data-driven business landscape to protect sensitive information. This discussion aims to provide valuable insights into DLP strategies and tools for business, helping mitigate data loss risks ...
10 months ago Securityzap.com
PornHub blocks North Carolina, Montana over new age verification laws - Adult media giant Aylo has blocked access to many of its websites, including PornHub, to visitors from Montana and North Caroline as new age verifications laws go into effect. This move also impacts other adult sites owned by the company, including ...
11 months ago Bleepingcomputer.com
Protecting Student Privacy Online - In the rapidly evolving world of online education, the protection of student privacy has emerged as a critical concern. This article delves into the privacy risks associated with online education and highlights the significance of complying with ...
11 months ago Securityzap.com
Navigating an AI-Enhanced Landscape of Cybersecurity in 2024: A Proactive Approach to Phishing Training in Enterprises - As we stand at the precipice of 2024, the intersection of artificial intelligence and cybersecurity looms large, with phishing attacks emerging as a focal point of concern. The integration of AI is poised to redefine the threat landscape, introducing ...
1 year ago Securityboulevard.com
5 common data security pitfalls - Many organizations are caught in the crosshairs of cybersecurity challenges, often due to common oversights and misconceptions about data security. From the pitfalls of decentralized data security strategies to the challenges of neglecting known ...
1 year ago Securityintelligence.com
EFF to Court: Strike Down Age Estimation in California But Not Consumer Privacy - The Electronic Frontier Foundation called on the Ninth Circuit to rule that California's Age Appropriate Design Code violates the First Amendment, while not casting doubt on well-written data privacy laws. EFF filed an amicus brief in the case ...
10 months ago Eff.org
Business Data Backup and Recovery Planning - Data backup and recovery planning is essential in today's interconnected and data-driven business landscape. By understanding the significance of data backup and recovery planning, businesses can effectively protect their critical information and ...
9 months ago Securityzap.com
CVE-2022-45786 - There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to ...
1 year ago
CVE-2024-56327 - pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details of GHSA-4fg7-vxc8-qx5w are relevant ...
2 days ago Tenable.com
Medusa Ransomware Unleashes New Tactics: Data Sale, Time Extension, and AI Threats - In the ever-evolving landscape of cyber threats, Medusa Ransomware has taken a bold step by launching a dedicated blog to publish victim details, offering a chilling one-click data sale for $10,000. This notorious group, distinct from Medusa Locker ...
11 months ago Cybersecurity-insiders.com
Cybersecurity in the Age of Remote Work - The shift towards remote work has brought numerous benefits, but it has also exposed organizations to new cybersecurity risks. We will uncover key insights and best practices to ensure the safety of operations in the age of remote work. In ...
9 months ago Securityzap.com
The Rise in Attacks Requires Specialized Expertise - Organizations today are increasingly reliant on the convenience, scalability and cost-effectiveness of migrating data and operations to the cloud. While cloud migration offers organizations significant benefits, it has also opened them up to a myriad ...
1 year ago Paloaltonetworks.com
US Supreme Court Leak Investigation Highlights Weak and Ineffective Risk Management Strategy - A recent US Supreme Court leak investigation has highlighted a number of weaknesses in the existing risk management strategy. The investigation has revealed that there were no controls in place to prevent the leak from taking place and the risk ...
1 year ago Csoonline.com
Biggest Data Security Threats for Businesses: Strategies to Strengthen Your Defense - With cybercriminals continuously evolving their strategies to target sensitive data with sophisticated attacks, data security has become a universal priority-no matter the size of your business. With the right strategies, such as regular security ...
1 year ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)