When your company decides to share data with another party, you need to put together a plan on how to accomplish this as securely as possible. It’s like a mini business plan but with secure data sharing in mind.
To help you plan for secure data sharing between your organization and other entities, here’s a checklist of the most important factors to consider:
1. Detail the Purpose of the Data Sharing Agreement
Start by detailing the opportunity presented. Describe how the project creates value for both your company and the other entity. Will your company improve your products or processes? Will it help you create new business opportunities or gain more customers? Or is this just about monetizing your data by selling it to a data broker? (Valued at $200 billion annually, data brokering is a big business; there are more than 4,000 data brokers worldwide.)
2. Describe the Data to Be Shared
Next, you need to identify the data that will be shared. You’ll probably be sharing some subset of this database. If you are sharing with multiple entities or for different projects, it may be different subsets of the database.
Also, you need to detail just how the selected data is to be identified and selected. You must have the right field identifiers in place to properly sort and cut the data. You don’t want to provide more data than what is needed; that could overwhelm the entity with whom the data is shared and expose more data than necessary to outside examination. You want to share just the data needed and nothing more.
3. Detail Where the Data Is to Be Stored
Where does your organization store its data? If all your data is stored in a central database, either on-site or in the cloud, this step is easy. However, not all companies have completely centralized their data storage; according to CompTIA, 80% of companies surveyed reported a high or moderate number of data silos in their organizations.
If your data is parceled out across multiple departments and locations, you have a more daunting task ahead of you. You’ll either need to centralize the needed data beforehand or put together processes to extract the necessary data from multiple databases.
4. Detail How the Data Is to Be Secured
How does your company secure its data? Ideally, all your company’s data should be encrypted. If you’re accessing multiple databases, you have different encryption processes to deal with.
You’ll also have to decide how your secure data will be kept secure throughout the sharing process. Ideally, you want to use end-to-end encryption so that, even if the data is intercepted mid-stream, it can’t be deciphered and read by any party other than the intended recipient.
This also matters to any messaging or communications between your company’s employees and employees from the sharing partner. It’s likely some confidential data will need to be transmitted via text messaging, email, voice calls, or video chats; for optimal security, all these communications must be end-to-end encrypted. It’s important to choose a secure communications solution, such as Wickr, that offers end-to-end encrypted messaging for secure data sharing.
5. Describe Who Should Have Access to the Data
Yes, you’re sharing data with an identified entity, typically another business or organization. It needs to be clear, however, that your data is to be shared with that organization and only that organization and that the other party does not have the right to sell or share your data without your prior permission. You want to keep access to your data as limited as possible while still ensuring its usefulness to your sharing partner.
6. Detail How the Data Will Be Used
You probably don’t want to give unlimited access to your data. You want to keep some control over how the other entity uses your data. For example, if you’re sharing your customer contact list, you may specify what types of communications are made to your customers, how often, and over what specific period. You do not want a third party abusing the data you’ve so graciously shared.
7. Describe Any Legal or Regulatory Constraints on How the Data Is to Be Shared and Used
In some regions and industries, there may be constraints on how data is shared. The healthcare industry, for example, has strict regulations concerning patient privacy that must be addressed. If you’re sharing data with a European company, the EU’s General Data Protection Requirements (GDPR) precisely spells out how data can be captured, stored, and shared between companies.
Make sure that you and your sharing partner adhere to all legal or industry regulations concerning the use of the shared data.
8. Identity the Technologies Used to Share the Data
Finally, you need to spell out just how the data will be shared-what file formats and communications protocols will be used. It’s important to work out all the technical details before the sharing begins.
Wickr-For Secure Data Sharing
Secure communications are a key component of any data sharing plan. Wickr offers a variety of end-to-end encrypted messaging that will fit the needs of your specific project. Contact us to learn more about how Wickr can be part of your company’s secure data sharing strategy.
Originally published at https://wickr.com on October 14, 2019.