Just as the volume and mobility of data that can be used to identify a person has significantly increased over the past few years, so has the law’s attempt to control and maintain the privacy of such revealing information. And while ensuring the security of such important information has become a rapidly escalating logistical nightmare, particularly with the growing popularity of the “bring your own device” movement in the workplace, the continually evolving legal landscape is currently only adding to the problem.
Problems Abound
A substantial difficulty for any entity’s or individual’s attempt to maintain good-faith compliance with the privacy and security of critical data is the data’s very mobility. The ease with which such information can be transported with the aid of modern technology magnifies what is arguably the greatest difficulty with legislating and regulating the unauthorized access to it. This problem is the varied treatment of the privacy and security rules and regulations from one jurisdiction to the next. Moreover, it is no longer a paper file that needs to be taken by foot or vehicle from one location to the next, which is much easier to control the release of; now, records maintained in electronic format which can be whisked, securely or insecurely, virtually anywhere in the world in a matter of seconds.
