Data breaches, cloud computing, location-based services and regulatory changes will force virtually all organisations to review, and at least half of all organisations to also revise, their current privacy policies before year-end 2012, according to Gartner, Inc. These issues will dominate the privacy officer’s agenda for the next two years.

“In 2010, organisations saw new threats to personal data and privacy, while budgets for privacy protection remained under pressure,” says Carsten Casper, research director at Gartner.

“Throughout 2011 and 2012, privacy programs will remain chronically underfunded, requiring privacy officers to build and maintain strong relationships with corporate counsel, lines of business, HR, IT security, IT operations and application development teams. An established relationship with regulatory authorities and the privacy advocacy community will also be an advantage to them.”

Gartner has identified the top five issues that privacy officers must pay particular attention to in 2011 and 2012:

1. Data Breaches Continue to Be a Top Concern

Data breaches rank high on the priority list because of their visibility, but preparing for and following up on breaches is actually straightforward. Most controls exist anyway if security management is working properly. This topic should not consume more than 10 percent of a privacy officer's time.

organisations should compartmentalize personal information, restrict access, encrypt data when transmitting it across public networks, encrypt data on portable devices, and encrypt data in storage to protect it from users who have been given too much privilege, from rogue administrators and from hackers. Consider data loss prevention tools, tokenization, data masking and privacy management tools.