Developing a comprehensive and effective data protection strategy within an organization is not trivial. Data protection is not just about technology but also changes in business process, involvement of multiple stakeholders, and ultimately affecting every single person that touches sensitive data. It requires proper planning throughout the entire information lifecycle.