Blockchain, or distributed ledger technology (DLT), is estimated by Gartner to create $3.1 trillion of business value by 2030, yet many organizations lack a clear understanding of its applications, the risks and benefits specific to their company and industry, or strategies for achieving optimal return from DLT projects.
The landscape of blockchain applications, considerations for understanding their potential benefits, and the importance of planning in enterprise DLT deployments is vast. Beyond those important aspects of adoption decisions are the specific privacy and security considerations that can arise in an enterprise blockchain implementation. Understanding these factors is critical for an organization to determine whether certain use cases make sense given its unique privacy and security risk landscape.
Organizations must intimately understand their regulatory requirements around the use, sharing, maintenance, and upkeep of various types of data — including data that may be transferred via a blockchain. While it's not feasible to thoroughly discuss all of the regulatory and legal governance of various types of blockchain implementations here, it's important to call out a few to keep in mind. Most multinational corporations are now governed under the General Data Protection Regulation, which introduced strict principles for how the personal data of EU citizens is collected, processed, and stored. HIPAA is a regulatory consideration for potential blockchain implementations at healthcare organizations, and "know your customer" rules will affect the extent to which financial services institutions can use blockchain. If you're utilizing cryptocurrency or tokens as part of your implementation, there are many tax and anti-corruption guidelines and laws to follow.
Understanding the requirements and ensuring those are baked into the workflows and technologies around blockchain use are essential best practices. Below is a checklist of considerations to review when evaluating data privacy and regulatory limitations for blockchain implementations.
Like the introduction of any new technology or system, blockchain use must be vetted across key stakeholders within the organization, to ensure applications are woven into existing information governance (IG) frameworks and programs. Cross-functional collaboration is a key best practice in IG and should extend to blockchain deployments to avoid compliance and privacy pitfalls. Internal or external resources that understand IG, privacy, and security should be active participants on the DLT implementation team to ensure success.
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.