Guide On Data Security And Privacy
                     Guide on Data 
security and privacy
Introduction
Data privacy or information privacy is a branch of 
data security concerned with the proper handling 
of data – consent, notice, and regulatory 
obligations. More specifically, practical data 
privacy concerns often revolve around:
• Whether or how data is shared with third parties.
• How data is legally collected or stored.
• Regulatory restrictions such as GDPR, HIPAA, 
GLBA, or CCPA.
Source: www.varonis.com 2
Why is Data Privacy 
Important?
Data is one of the most important assets a 
company has. With the rise of the data economy, 
companies find enormous value in collecting, 
sharing and using data. Companies such as 
Google, Facebook, and Amazon have all built 
empires atop the data economy.
Source: www.varonis.com 3
Data Privacy vs. 
Data Security
• Data Security protects data from compromise 
by external attackers and malicious insiders.
• Data Privacy governs how data is collected, 
shared and used.
Source: www.varonis.com 4
Data Protection 
is the Force 
Behind Our Right 
to Privacy
• Despite recent advances in data privacy 
legislation and practice, consumer’s privacy is 
regularly invaded or compromised by 
companies and governments. That has led 
some to argue that consumers have already 
lost the privacy war.
Source: www.varonis.com 5
Data Protection 
Principles
• Data availability—ensuring users can access 
and use the data required to perform business 
even when this data is lost or damaged.
• Data lifecycle management—involves 
automating the transmission of critical data to 
offline and online storage.
Source: www.varonis.com 6
Data Protection 
Principles Cont.
• Information lifecycle management—involves 
the valuation, cataloging, and protection of 
information assets from various sources, 
including facility outages and disruptions, 
application and user errors, machine failure, 
and malware and virus attacks.
Source: www.varonis.com 7
Elements of Data 
Privacy
• Data Privacy or Information privacy 
encompasses 3 elements:
• Right of an individual to be left alone and have 
control over their personal data
• Procedures for proper handling, processing, 
collecting, and sharing of personal data
• Compliance with data protection laws
Source: www.varonis.com 8
Data Privacy is 
not the same as 
Data Security
• To properly protect data and comply with data 
protection laws, you need both Data Privacy 
and Data Security. Even though these two 
terms can look similar, their distinctions are 
clearer once you start to dissect them.
Source: dataprivacymanager.net 9
What is more 
important for 
your 
organization?
• Imagine that your company introduces 
elaborate data security methods using all the 
necessary means and available measures to 
protect data, but has failed to collect that data 
on a valid lawful base.
• No matter the measures of securing your data, 
this would be a violation of data privacy.
Source: dataprivacymanager.net 1
0
Consequences of 
non-compliance
• With the development of technology, there is 
an increasing number of intrusive ways to 
collect and process personal information.
Source: dataprivacymanager.net 1
1