Data privacy is often seen today as a compliance issue. However, according to Barry Cook, privacy and group data protection officer at VFS Global, there’s more to the subject.

VFS Global is the company that handles visa- and passport issuance-related tasks for many governments worldwide.

It caters to 144 countries and 62 governments worldwide, processing over 190 million visa applications, over 70 million of which include dealing with biometric data.

According to Cook, the world has seen approximately 100 new data protection laws being put into practice in the last year or so. And, for many of these countries, these are first-time laws.

India itself is expected to enact a new privacy law soon that should be on the lines of Europe’s General Data Protection Regulation (GDPR).

“This means data protection is becoming a part of normal business for any organization. It has become an integral component of strategy and business," Cook said.

Data privacy today touches “every single component" of an organization’s business, according to Cook. Just like cybersecurity was being discussed many years ago, and was eventually built into business processes, it’s time for the same approach to be given the same priority. “It has become an integral component of strategy and business," he said.

Beyond the fact that companies have to comply with laws, good data protection practices can also affect a company’s bottom line. “Data privacy now sells. Companies that can demonstrate that they have a good privacy framework and are transparent about how they handle the individual’s data gain a competitive advantage," Cook said.

Further, by building data protection measures into business processes, companies can be more agile. It also reduces losses in the event of a data breach.

Since a company will only be holding data that it absolutely requires to run the required processes, the overall losses from a data breach will also be reduced.

“Privacy-mature companies are benefiting from their privacy investment beyond the mere need of compliance," Cook added.

Cook urged Indian companies to take data protection seriously from now. “Data protection laws have been in existence in Europe for at least 30 years. For India, there will be a massive step challenge," he said.

Starting work on data privacy right now will help companies stay ahead of the curve and they will have to “embrace data privacy as the business-as-usual model", Cook concluded.