In the wake of well-reported data-security and privacy breaches, a new Edelman study unveiled on March 7 revealed that concerns about data security and privacy are impacting what people buy and with whom they do business. As such, these are increasingly relevant issues for our clients and we must encourage them to make data security and privacy a high-priority focus.
There are five important questions to ask when beginning a discussion on data security and privacy:
1. Crisis Communications
Do you have a crisis communications plan in the event of a cyber-incident like the loss of intellectual property, the shutdown of a website, or a data breach? Responding to a security incident in a timely manner is essential. Our study indicates that data breaches have a tremendous potential to go viral. Approximately one in three victims said they told a friend about their experience and one in four reported they posted about it online. The swifter a company communicates its response and solution, the more contained and controlled the backlash against the cyber-incident is likely to be.
2. General Communications
Do your customers and influencers have a clear understanding of what information you collect, how it is being used and what control they have over it? People around the world indicated they do not trust companies to protect their information. Sixty-eight percent agree with the statement that “consumers have lost control over how online personal information is shared and used by companies.” In order to gain the trust of their customers, businesses must communicate clearly what information they collect, how it is used, and what control individuals retain over it.
Are you planning to introduce products or services that use customer data in new and innovative ways? If so, what are the privacy implications? Because data security and privacy are emerging as central business issues, companies should consider how their innovations affect privacy and security; in some cases, they may find that the costs of privacy and security outweigh the benefits of innovation.
4. Support Team
Have you discussed privacy and data security with your chief privacy officer, general counsel, and information security team? These are issues that companies must approach comprehensively, from a business, legal, strategic, and communications standpoint. Understanding a company’s ability to protect data and privacy and ensuring each division’s responsibilities are executed is essential to the effective management of data and privacy.
5. Do you understand how the changing policy and regulatory environment could impact your business?
From President Obama’s call for a Privacy Bill of Rights to the European Commission’s proposal of new comprehensive rules for the protection of personal data and the Asia Pacific Economic Cooperative’s development of a new privacy framework, businesses now face more scrutiny than ever before. Having an awareness of the emerging policies and regulations on data security and privacy is essential to managing the issues effectively.
Asking these five questions will allow our clients to begin thinking about how to actively manage data security and privacy and it will allow us to provide them with the best counsel on one of the key business issues of the 21st century. So start thinking: how will you start a discussion about data security and privacy at your company?
**Updated March 19, 2012** For more information focused on Security in the UK as well as EMEA rules and regulations, we invite you to listen to the podcast Data and Security from Edelman Editions. Edelman Editions is the UK’s digital publishing platform for the latest intelligence and Edelman thinking on the issues of the day.
Image credit: fitbloggersguide