“Contrary to traditional notions, collecting and keeping too much data is actually counterproductive for businesses in this new realm where consumers are becoming more privacy conscious. Furthermore, processing sensitive data without fully recognizing the obligations attached to it can also lead to negative consequences.”

Design considerations for building privacy-protecting analytics services:
  • Know when not to keep personal data.
  • Applications not used for the purpose of analyzing sensitive personal data should not have access to it.
  • Keep sensitive customer data out of analytics databases.
  • Identify where personal information is present in the data processing pipeline.
  • Adopt a walled-garden strategy, and split up the processes to trace sensitive data and prevent it from spreading into unintended or unknown places.
  • Separate the storage of sensitive data from non-sensitive data.

Details from the International Association of Privacy Professionals.
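
The considerations above, sketched as an ingest step (an added example, not code from the IAPP or any product): each field is classified before storage, sensitive fields go to a separate restricted store, analytics rows carry only a random token, and unclassified fields are rejected. Field names, the policy table and the in-memory stores are constructed assumptions.

```python
import secrets

# Constructed field policy (assumption): every field is classified up front.
DROP, VAULT, ANALYTICS = "drop", "vault", "analytics"
FIELD_POLICY = {
    "email": VAULT,
    "full_name": VAULT,
    "date_of_birth": DROP,   # no stated purpose needs it, so it is never stored
    "plan": ANALYTICS,
    "page": ANALYTICS,
    "duration_ms": ANALYTICS,
}

class Pipeline:
    """Splits each event between a restricted vault and the analytics store."""
    def __init__(self):
        self.vault = {}       # token -> sensitive fields (restricted store)
        self.analytics = []   # rows that analytics applications may read
        self.rejected = []    # names of fields nobody has classified yet
        self._tokens = {}     # customer_id -> token, kept inside the wall

    def _token_for(self, customer_id):
        # A random token, not a hash of the id, so it cannot be recomputed outside.
        if customer_id not in self._tokens:
            self._tokens[customer_id] = secrets.token_hex(16)
        return self._tokens[customer_id]

    def ingest(self, event):
        event = dict(event)
        token = self._token_for(event.pop("customer_id"))
        row = {"subject": token}
        for name, value in event.items():
            policy = FIELD_POLICY.get(name)
            if policy is None:
                self.rejected.append(name)   # fail closed: unknown data is not stored
            elif policy == VAULT:
                self.vault.setdefault(token, {})[name] = value
            elif policy == ANALYTICS:
                row[name] = value
            # DROP: the value is discarded without being written anywhere
        self.analytics.append(row)
        return row

def demo():
    p = Pipeline()
    # Constructed sample events
    p.ingest({"customer_id": "c-1001", "email": "ana@example.test",
              "full_name": "Ana Example", "date_of_birth": "1990-01-01",
              "plan": "pro", "page": "/pricing", "duration_ms": 5400,
              "device_fingerprint": "constructed-value"})
    p.ingest({"customer_id": "c-1001", "page": "/billing", "duration_ms": 900})
    return p
```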