Board of Directors Role in Data Privacy Governance: Making the Transition from Compliance Driven to Good Business Stewardship

Data collection, use, leveraging, and sharing as a business practice and advantage has proliferated over the past decade. Along with this proliferation of data collection is the increase in regulatory activity which continues to morph exponentially around the globe. Adding to this complexity are the increasing business disruptions, productivity and revenue losses, settlements, fines, and penalties which can amount to over $15 million, with many penalties now being ascribed to the organization's leadership, to include the Board of Directors (BoD), the CEO and members of the senior leadership team (SLT). Thus, boards of directors can no longer ignore and in fact must embrace data privacy as a critical part of doing business in the digital world. In fact, not embracing data privacy as a critical part of their strategy, not only puts their stakeholders and stockholders at risk, but also places the future success of their organization in jeopardy. Additionally, increasingly through legal, regulatory, and normative occurrences, Boards are being pressured into taking a more active role in the data privacy activities in their organizations. Therefore, it behooves the BoD to be proactive vice reactive toward their data privacy endeavors.