For businesses in the United States, GDPR was an eye-opener. It highlighted how different the EU attitude towards data privacy was from that at home. But that difference is getting smaller. Attitudes in the United States are shifting and getting closer to the European standard. California passed a major data privacy act and other states are taking action on data privacy as well. It’s likely the federal government will step in at some point to ensure privacy requirements are consistent across all 50 states.

Businesses that were affected by GDPR and have integrated data privacy-thinking into their IT design and management processes will have a head start on complying with any new privacy requirements mandated in the US. For other businesses, the key point to recognize is that this new approach to data privacy requires new thinking about data as well as new tools and policies for managing it. Data privacy procedures need to be built into applications as they’re developed, not bolted on afterwards.

Many of the approaches taken to meet GDPR requirements can be applied to meet whatever new data privacy requirements are imposed in the US. Above all, companies need to become much more aware of the data they collect, especially where there is personally identifiable information (PII). They should collect only the information essential to conducting business, and they need to store this data with strong security around it, including encryption. There need to be tight controls around the use and re-use of data; consumers no longer accept that data collected for one purpose may be used for a new purpose at some point in the future.

In addition, businesses should assume they’ll need the ability to query and retrieve all the PII they’ve collected around an individual. They should not assume data is immutable. Data will need to be able to be corrected, and businesses need to have policies to do that and distribute the change everywhere the data is used. Applications also need to be built with the ability to delete data.

Many companies struggled to meet the challenge of GDPR because they didn’t have strong data governance controls in place. Companies that design with privacy in mind will be better positioned to comply with any new data privacy regulations that are implemented. In both cases, tools from Veritas help with discovering and managing data to protect privacy while enabling your business to work with data and grow. Contact VAST IT Services to learn more about new attitudes towards data privacy and how you should prepare your business for the

upcoming data privacy laws.

Optimize Your Cloud Spending and Cloud Performance

Working with experienced partners like VAST is the best way to ensure you make the right cloud decisions.


The Three Pillars of Information Technology Rest On A Single Foundation: VAST Support

With 30 years of IT services experience and partnerships with top technology firms, VAST’s services enable you to run your business on a solid base of reliable technology.


Information Technology Services Tailored to Your Technology and Business Needs

VAST offers three kinds of IT services that can be as extensive or focused as your business requires.


Strategic Solutions Driven By Business Needs and Technical Insight

The strategic solutions crafted by VAST help you make the most of the technology you have and ease your transition to a more effective digital business.


The VAST Difference

Since 1989, VAST has been providing enterprise-level IT service and solutions to companies of all sizes and industries across the U.S.