Data ethics can help make it easier for employees to make the right decisions about data, decisions that could help prevent data breaches or at least minimize their size, scope, and cost.
- If an employee decides not to collect certain data because it’s not needed or relevant, that data can’t be exposed in a breach.
- If an employee instinctively decides, because of ethical training, not to store or transport data in a way that might harm the interest of the data subjects, that could prevent a breach of that data from happening.
- If an employee decides for ethical reasons that data should not be shared with certain parties, that could reduce the chances of a breach.
- If an employee decides not to keep data any longer than is needed, that can reduce the chance that that data will be exposed in a breach.
And a good data ethics program could also reduce the harm if a breach does occur.
Being able to demonstrate that your organization and employees actually practiced data ethics, and did everything ethically and reasonably possible to prevent either the incident or the harm from it, might make victims, the public, shareholders, and the media more forgiving.
There is significant evidence that ethical companies are trusted more, and companies that are trusted tend to be forgiven far more quickly than companies considered not trustworthy.
A good ethical stance on data, and especially a verifiable training program, could also reduce legal exposure and costs in the event of a breach. The law never demands absolute or perfect security, that’s just unreasonable. What it does expect are reasonable measures, reasonable precautions, or better still, going above and beyond. Good data ethics could help you get there.