Are you trading on trust?

Have I got a great deal for you! Want to join my loyalty program? Just give me your personal details and you’ll get 15% off!

This probably sounds very familiar and it happens on a daily basis. What you might not realise though is that this also occurs in public sector entities – they just don’t do great deals that often. The very channel I’m posting on has my details – should I trust them, and do I have a choice? In the age of data-driven marketing and lakes of customer data, we must have a more robust approach than just a ‘feeling’ of trust.

You would think that major brands and public sector entities at a governance level, like boards, would have privacy and data security as a standing item of risk – but many don’t. The reality of a data breach is when and not if it will occur. The momentous reputational damage a breach can cause with customers, citizens and the wider economy is now clearly evident. In just the last year a national Australian supermarket suffered a major breach. And last week it was shown the most vulnerable of our society – children at risk – are being put at even greater risk with the poor handling of data. While I am sure both entities will recover, I am also sure it will get people thinking. Can and should we trust them?

For many organisations both public and private, privacy and data security is a ‘thing’ that the ‘technology people’ look after. Many claim that each time they ask ‘technology security’ for help on such matters, they usually get a no, so a workaround must be found.

Privacy and data security is not a technology problem, it’s a matter of good governance. It should be engineered from the very start and not bolted on as an afterthought. In an economy driven by data it should now represent a clear competitive advantage. It should underpin your business strategy – your customer should trust your approach to their privacy; lose sight of this at your peril. So if you’re in a governance role of any kind, just ask the question – what are we doing to protect our customers’, clients’ and citizens’ data from a breach?