Skip to main content

Company has to manage privacy as a risk

Published on 04/09/2015 in Tech, tips & tricks

Company has to manage privacy as a risk

Security is more than technology. Privacy is more than compliance. Europe will be approving a new framework for data protection later on. The new act considers privacy to be an important risk in areas such as business and reputation. Erik Luysterborg, EMEA Privacy & Data Protection Leader at Deloitte Enterprise Risk Services, during the Cyber Security Convention 2014. 

Quite a lot of people toss their entire lives onto social media, it seems. Is privacy dead? “No”, says Erik Luysterborg, EMEA Privacy & Data Protection Leader at Deloitte Enterprise Risk Services. “Privacy is not dead. Not even among the young generation who are crazy about social media.” Privacy is the right to decide for yourself how, when, with whom and to what extent you want to share your personal information. So it’s partly about strategy: users make choices for themselves. But equally, it’s about compliance and protection. If an individual gives permission for certain information to be shared, then the company involved must make sure that this information is properly stored, managed and protected. “In that respect, we should not forget, incidentally, that privacy is a basic right only in the European Union”, Erik Luysterborg goes on. “In this field, European legislation is a source of inspiration for regions like Asia and South America.”

New framework
And yet there is still a great deal to be done in Europe, too. The current legislation is a patchwork. It remains the same in essence, of course, but the various European member states have developed the legislative framework in widely differing ways. There is also considerable difference in the way in which the countries apply and enforce the law. At the same time, the world has changed rapidly, with the arrival of the internet, social media, etc.

“There is a proposal for a new EU Data Protection Regulation on the table”, says Erik Luysterborg. “It may be approved around the end of 2015 or in mid-2016, which would mean that the new framework would come into force in 2018 at the latest.” The new legislation must ensure that companies adopt a holistic approach to privacy. It’s about the combination of users, processes and technology. “We no longer talk about data privacy, but about data governance. The new legislation considers privacy to be a major risk, both for the business and the reputation of a company, and for the legal framework within which it operates.”


One magazine is the Proximus B2B magazine for CIOs and IT professionals in large and medium-sized organisations.

Blog topics


Contact us

Our employees are ready to help you!