On a near weekly basis, I read about breaches where much of the exfiltrated data was old data that the organization had no real reason to retain. See, e.g., https://lnkd.in/eaX53AWQ and https://lnkd.in/e4pVA6bT. According to IBM's 2023 Cost of a Data Breach Report, breaches cost organizations an average of $165 per record breached. Report at 2. That means that purging 100,000 records of unnecessary data could save you $16.5M in the event of a breach. Here are five tips:

1. PRACTICE DATA MINIMIZATION: Organizations should practice "data minimization." This means only collecting data that you have a good business reason for collecting and purging unneeded data when it is no longer needed.
2. ARCHIVE DATA OFFLINE: In one recent example, the breached company apparently "ceased operations in December 2022 but, to comply with legal obligations, . . . maintained an archived copy of data previously stored on its computer systems." See https://lnkd.in/e4pVA6bT. To the extent you are only retaining old data to satisfy regulatory requirements or just "in an abundance of caution," consider storing the data completely offline, so it is less likely to be breached.
3. CONDUCT A DATA MAPPING: These days it is common for data records to be duplicated in many places across an organization. Thus, consider conducting a regular "data mapping" to ensure that you know where all of your sensitive data is located, that you are adequately protecting it, and that you are purging it when appropriate.
4. IMPLEMENT A WRITTEN POLICY: Be sure to document your data retention and destruction policy in a written policy, and train your employees on the policy regularly. Remember to update the policy to reflect the changing realities in your organization.
5. OVERSEE THE DESTRUCTION OF DATA: Finally, when you destroy data, take reasonable steps to ensure that the data is actually being destroyed. One bank was recently fined $60M for failing to properly oversee a vendor responsible for purging personal data from digital devices. See https://lnkd.in/eutKzpU7.
Best Practices for Data Minimization
Summary
Data minimization means only collecting, storing, and using the information your business truly needs, rather than holding onto unnecessary data. This approach helps reduce the risks and costs associated with data breaches and supports stronger privacy for both companies and customers.
- Map your data: Regularly review where all your sensitive or personal information lives so you know what is essential and can confidently remove what's not needed.
- Set clear policies: Create and maintain written guidelines about data retention and deletion, and make sure your team is trained on these standards.
- Securely delete regularly: Build data removal into your routine workflows, ensuring you safely dispose of old and unused information to limit your risk exposure.
-
Many SMBs suffer from data hoarding tendencies - indiscriminately collecting and retaining any data they can get their hands on. But this mindset is proving increasingly hazardous and expensive from a cybersecurity standpoint. Over-retention of data exponentially increases your risk surface for breaches and compliance violations.

The reality is that sometimes less is more when it comes to data. Data minimization - limiting collection to what's required - is an underrated security best practice every organization should embrace. Think about it: The more data you hoard, the more avenues you open up for threat actors to steal sensitive info. Plus, excess data complicates regulatory compliance regarding data handling.

Data minimization starts with a thorough data-mapping exercise. Define clearly what data is genuinely required for your business processes versus what's superfluous. Establish strong access controls over essential data. But it doesn't stop there. You must institutionalize continuous data pruning - systematically deleting outdated or unnecessary records. Implement data lifecycle policies with provisions for secure disposal.

Kick that pack rat mentality. Embrace a leaner data posture through minimization to reduce breach risks and costs. Protecting a business is about knowing when to hold data and when to let it go.
-
An unconventional take on data strategy: Often, less is more. As organizations collect more and more data, we often assume it's always an asset. But what if the real strength lies in collecting less? By minimizing the data we collect and store, we reduce risks, costs, and complexity.

Less data means:
- Less time spent processing and protecting it.
- Less exposure in case of a breach.
- More focus on what truly matters.

This is not just about storage. It's about responsibility. It's about using data with purpose, not just collecting it because we can.

Here are some actionable ideas for internal auditors:
- Promote a culture that values collecting only what's needed.
- Identify where the organization is most vulnerable to data privacy issues.
- Review retention policies, recommend deleting what's no longer useful.
- Facilitate cross-functional talks on data governance and privacy standards.

What's your view on data minimalization?

#internalaudit #ITaudit #digitaltransformation
-
1 of 8 Privacy Design Strategies: Data Minimization

Limit as much as possible the processing of personal data. To know what is unnecessary you have to start with purpose. You can't achieve effective data minimization and utility without purpose limitation. Data Minimization is beyond access control. It redefines system architecture to reduce personal data processing. Data Minimization does not stop at data collection - it focuses on the entire data lifecycle.

Here are some strategies:
- Select: only select what is strictly necessary
- Exclusion: Be liberal in grounds for exclusion
- Strip: Remove (partial) data as soon as it is no longer necessary
- Delete: Completely remove personal data as soon as they are no longer relevant

#privacybydesign #privacyengineering #systemdesign #dataminimization
-
We're kicking off our deep dive on AI risks and internal controls by diving into the first privacy concern: unauthorized data collection and usage.

❌ The Risk: AI systems can collect personal or sensitive data without individuals’ knowledge or consent. This includes scraping publicly available information, repurposing data for unintended uses, and failing to inform users about how their data will be processed or stored.

✅ The Controls: To mitigate this risk, organizations should implement controls across the entire data lifecycle—from collection to processing to secure deletion—using a four-pronged approach:

🧾 Policies & Governance
- Establish and enforce clear data collection, usage, and retention policies
- Require Data Protection Impact Assessments before deploying AI tools
- Mandate transparency documentation for all AI models that use personal data

✒️ Consent Management
- Obtain informed, explicit consent for data use
- Provide clear, accessible privacy notices at the point of data collection
- Allow users to opt out or revoke consent easily

📊 Data Minimization & Anonymization
- Collect only data that is strictly necessary for the AI model’s purpose
- Apply de-identification or anonymization techniques
- Regularly review data sets to purge unnecessary or outdated information

🔎 Oversight & Monitoring
- Conduct regular audits of data collection practices
- Monitor third-party data sources and vendors for compliance
- Implement data usage logs and alerts to detect misuse

By putting the right controls in place—across policies, consent, data handling, and monitoring—you can reduce the risk of unauthorized data collection and build more trustworthy AI systems. Remember, it’s not just about what your AI can do—it’s about what it should do with people’s data.

🦦 Before you dive back into your day, ask yourself:
- Do we know exactly what data our AI systems are collecting—and why?
- Are users fully informed and empowered to control their own data?
- Have we reviewed whether the data we store is still necessary—or should it be purged?
- What safeguards do we have if a third-party vendor mishandles data?

Thoughtful questions today help prevent privacy headlines tomorrow. Stay tuned—next week, we’ll explore the murky waters of data storage and security.

#internalaudit #audit #auditforward #swimwithaudie #auditsmarter #AI #ArtificialIntelligence #AuditingAI #AuditTheFuture