With the regulations like GDPR and the California Consumer Privacy Act and other privacy regulations, and the associated penalties for not protecting your customer data, there are a number of steps that all organizations need to follow to keep customer data more secure and avoid being non compliant.
Only collect vital data
Start with a focus on only collecting data that is actually vital to your organizational objectives. This means decreasing the external value of your customer data while increasing consumer confidence in how you handle personal data.
Decreasing the external value of customer data ultimately helps with data security because hackers are less likely to steal low-value data that they are not able to leverage. If all a hacker has to gain from you is a list of email addresses, this may not be that interesting. Though, with even email addresses having some value, thinking about how you store them and what you do with them is equally important.
If your business collects names, phone numbers, location data, socio-economic data, etc then the data is more valuable. The greater number of data points collected, the more valuable it is likely to be for not just your organization, but also for hackers.
Collect the minimum and audit annually
Collecting only vital data increases consumer confidence because when you are collecting data that the customer deems unnecessary to the relationship, they might place less faith in your handling of it.
When consumers see forms with that many fields, they probably question what that company really needs all that sensitive information for. This might lower confidence in the company, they might also be less likely to fill out that form which also compromises data quality.
To evaluate what data is essential, you should periodically audit every piece of consumer data you collect and ask, “If we didn’t collect this data would it radically change the customer relationship and our effective mission for customer data?” Reviewing the data collection methods and content at least annually is highly recommended.
As part of the annual review of the specifics of the data that you collect, also means taking stock of the ways that you collect that data. If you’re using the Pretectum CMDM as the collection point then the methods of capture are clearly articulated and you have the ability to change the data capture model at any time. If however, you are using offline modes of data collection or upstream systems, the data collection methods and approaches may not be so clear or well documented.
Control access
Not everyone needs unbridled access to all the data you’re collecting; employees likely also don’t need the same level of access to the data they use. Limiting access to customer data means fewer vulnerability vectors for your organization.
The Pretectum CMDM supports a sophisticated roles base access controls model that not only tells you who is accessing which data but can also inform you as to why.
Reducing access vectors reduces the risk of data abuse in general.
Siloed data also hurts data analytics, that’s why Pretectum’s CMDM allows you to stage the customer data of multiple business areas centrally. You’re encouraged to use this model to collate customer data centrally and leverage the duplicate detection functionality to consolidate your customer master data records.
Data silos often mean that different aspects of customer data are being stored in different places, this is ok, because often this happens to focus on what is most appropriate or aligned with the specific needs of particular business areas. Where this approach falls down, is where the data is stored in unapproved or insecure applications and data stores.
This puts customer data at risk. not having a good understanding and view of where customer data is being maintained represents potential non-compliant handling of privacy-related data. Again, this is why the Pretectum CMDM supports logically separated data but uses data tags to present a unified view and understanding of customer data.
When you break down the data silos with a unifying technology, you develop a more clearly articulated customer data management strategy. That data management strategy in turn details exactly where and how data is handled. That prevents your organization from storing data in multiple data stores and risks your organization losing track of what tools it uses to handle customer data. This helps not only with auditing and control but also with data quality.
Contact us today to learn how you can increase your control and management of customer master data.