By Matt O’Connor

The top item on every CIO’s 2020 agenda should be data privacy. The California Consumer Privacy Act (CCPA) and a wave of new privacy regulations are forcing business executives to get serious about the security of their customers’ data. Upcoming privacy regulations are a tipping point for how companies manage not only customer data, but all company data. Businesses are moving away from a discrete approach to information technology towards a continuous view.

The California Consumer Privacy Act (CCPA) is set to go into effect in January 2020. This means, that for residents of California, companies must clarify what constitutes personably identifiable data and provide the customer the right to – access their data, delete their data, and opt-out of data tracking. There are pages of legal policy that explain exactly what this means, but simply put, data privacy regulations are forcing businesses to be aware of customer data and control it – or face legal and financial penalties. Most companies and government organizations have allowed their data to get away from them; for most companies, finding customer data is like trying to find a needle in a haystack, let alone delete it.

In order to comply with data privacy regulations, companies need to finally Master Data Management (MDM). Companies have talked about MDM for a couple of decades now.  But as technology has continued to advance and data has continued to grow, MDM has remained elusive.  The primary issues with MDM are that data continues to escape core systems – it finds itself exported to secondary systems and third parties; and data capture devices continue to expand – mobile and IoT. With this constant expansion of data, it is difficult to develop a comprehensive inventory of data. The first step towards MDM is to develop a data map. Once companies have an awareness of what they are collecting where, they can begin to think about IT less as hardware and software and more as a data ecosystem.

Data privacy regulations are part of a broader shift in IT towards cohesive data ecosystems. There is a sense today in corporate IT that business, technology, and regulations are shifting so fast that there’s no right answer to fundamental IT decisions, such as cloud vs. on-prem. Companies continue to push the next IT initiative as something separate from the current way of doing business and in doing so develop new requirements and new processes for new capabilities that have large overlap with existing capabilities. Often these projects create hardware sprawl; often there is no thought of when these projects will end, thus continuing the proliferation of IT costs. But IT organizations that achieve MDM are better equipped to shed legacy systems and adopt state of the art systems. Enabling companies to develop capabilities in unison with advances in the broader technology industry.

Upcoming data privacy regulations are forcing companies to control their data. Use this as an opportunity to implement master data management and modernize your IT organization. As the rate of technology change continues to advance, it’s becoming increasingly important to advance with the industry, in order to avoid falling behind permanently.