The Green Sheet Online Edition

March 25, 2019 • Issue 19:03:02

Data privacy regulations: Three things to know

By Neetu Shaw
Clarity Insights

Data privacy is well beyond its fifteen minutes of fame, and there is no sign of scandal, consumer concern or regulation slowing down. Just last month U.K. lawmakers claimed Facebook "intentionally and knowingly" violated data privacy laws to share data with third parties, the latest in an ongoing saga for the social media giant.

While your organization may not be in the business of social media, the reality is the GDPR, California Consumer Privacy Act (CaCPA) and future regulations will affect your organization, and noncompliance can cost millions of dollars and consumer trust. Beyond those regulations, data security and privacy are overarching concerns for the entire financial services industry, with data breaches like HSBC's 2018 breach creating urgency to shore up data.

Protect your brand

To prepare and ensure your brand is not in the spotlight for violating consumer rights, there are three things you should know about data privacy regulations.

1. While compliance with GDPR addresses many data privacy concerns, CaCPA includes additional rights, including right to disclosure of the sale of data, the right to object to the sale of data and requirement of opt-in for the sale of children's data. A comprehensive comparison can be helpful as you determine where your business has gaps in compliance.
2. Personal data extends well beyond name and Social Security number. As wearable tech proliferates, DNA tests become increasingly common consumer purchases and brands leverage consumers' fingerprints or voiceprints in lieu of passwords, brands must expand their definition of personal data to include these.
3. Ultimately, data privacy and security are often complicated by the storage and processing of the data itself. As brands have incorporated unstructured data like social media, they may be facing a complex task to apply regulations on a macro-level, much less apply individual or regional regulations at a jurisdictional level.

Devise a strategy

A comprehensive data strategy that provides compliance today, as well as the flexibility to incorporate new regulations as they are passed, is vital to success. But, perhaps just as important, is a data strategy that also understands the usefulness of consumer data, and keeps customer experience, customer analytics and more in mind.

With less than a year until CaCPA takes place, data privacy and security are – and should be – top of mind for financial services' organizations. A comprehensive review of your current state, and a data strategy that both complies with laws and enables responsible use of customer data, will benefit your business and our industry.

Neetu Shaw is an executive partner at Clarity Insights, www.clarityinsights.com, servicing the financial services, insurance, higher education and automotive industry verticals. She is focused on enterprise information and digital transformation solutions, enterprise data, big data, master data management, discovery, advanced analytics and artificial intelligence (AI) thought-leadership. Clarity Insights is the largest consulting company in the United States that focuses exclusively on advanced data, cloud and AI solutions. Contact her at nshaw@clarityinsights.com.

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.