They have all been the subject of stories in the news lately which highlight the difference and the challenges between corporate security and privacy. All of the presidential candidates had their passport files improperly accessed by independent contracts who did not have authorization to access their information. Britney Spears’ medical files were also inappropriately read during her most recent hospital stay. Heads have rolled at both organizations in response to the improprieties.
I’ve written research here at Forrester to show how privacy and security are related but different issues. All of these cases show how data privacy requires more than just technology, such as access control systems, but also employee training and enforcing consequences for bad behavior. Privacy and security teams need to work together to ensure that they aren’t leaving a gaping hole between them where an authorized user or intruder can bypass their systems.