It's one of an IT leader's biggest nightmares: Imagine you've got a division in Russia, which has very strict privacy laws regarding employee information, and there are 12 employees who refuse to allow that information to leave company walls.

Thinkstock

"Then the reality is you need to then manage the data around those 12 individuals and then it comes down to scope, scale and size," notes Clark Golestani, CIO of Merck. Sometimes, if there is a small amount of information company officials need to work with, "paper may be the most efficient method," he says. If it's a larger amount of data, "putting in a locally based system will be necessary."

And there are other global challenges, like how to handle systems that capture information about customers through all forms of communication -- especially in highly regulated industries like healthcare.

IT also has to, of course, grapple with issues that are more technical than regulatory, especially in countries with less-developed infrastructures. "So you've got the technical challenge of network availability and network stability and power availability and stability," Golestani says. "I think those actually are easier to [solve] with technology than the information privacy aspects, because one can employ all sorts of technical techniques to build robustness into the technology."