Georgia Gibson Henlin — Prioritising Privacy & ProtectionWednesday, October 13, 2021
While pursuing her undergraduate studies, Georgia Gibson Henlin, Queen's Counsel and chief governance, risk and compliance specialist at Privacy & Legal Management Consultants Limited, was intrigued by computers from her early days and was determined to understand and learn as much as she could about this “new thing”.
Henlin soon became more immersed in the tech space, along with her husband and a few of his friends, deciding to start an Internet service provider company. In her role at PLMC, she focuses on helping people understand the scope of compliance, laws, and regulations. Henlin's eagerness to learn more about cyberspace ultimately saw her pursuing graduate studies at the Centre for Innovation, Law and Policy at the University of Toronto, an experience she recounts as exciting.
Later, her curiosity and passion led her to the United Kingdom to pursue a European Union certified information privacy professional course and a certified information privacy manager qualification, which she says culminated in her knowledge of technology law.
Henlin says the recent social media outage could have affected a user's data availability, an issue under Data Protection legislation. For her, there is a clear distinction in Facebook's context since the company stated that the issue was an infrastructure and network problem, not a data loss issue. It showed that the company had an incident plan, which Henlin said is critical for privacy compliance. “If people's data is not managed and secured properly, there will be a lack of trust and therefore, increasing the chances of losing business to other providers,” Henlin said.
Henlin also stressed that data protection is “a system of rules that enable you to access data legally while respecting the overarching right of the individual to that data.”
Henlin emphasised that data protection involves managing how the data is used, collected, shared and stored. She recommended that organisations ensure that there are internal measures and technical support to guide staff on how to protect personal data. Her company also suggested that organisations allocate adequate funding to ensure compliance with data protection laws and regulations. Another critical factor is to get buy-in from staff because it is crucial to supporting the enforcement of data protection. An adequate understanding also allows companies to comply with the Data Protection Act and General Data Protection Regulation (GDPR) while reducing the risk of facing penalties such as imprisonment, reputational harm, and loss of consumer trust. Henlin offers specific guidance to tech and digital companies urging prioritising privacy by assessing the data available and referring to the data protection law to ensure they comply.
Lastly, Henlin believes in solving the problems “one at a time” then putting the combined solutions into effect to achieve her desired outcomes, a concept she has applied from her studies. Henlin admitted that she prays, meditates, reads and remains patient when faced with challenges.