Banking

It’s time to embrace customer data privacy and security

Share this post:

Customer data is the modern enterprise’s most valuable asset. For years, enterprises have collected and stored it without giving it a second thought. Now, new technology, business and regulatory challenges are forcing them to rethink how they collect and manage that data.

Customer data drives innovations like artificial intelligence and blockchain solutions. For most companies, it fuels increases in their share of existing markets, and it’s the key to unlocking new ones.

But for companies that don’t master privacy and security, data can be toxic. If they don’t protect their customers’ data, they face potential financial and legal repercussions. Enterprises must learn how to use data responsibly and transparently — not only to comply with stricter regulations, but also to build relationships with their customers.

Companies that don’t properly protect and account for data risk abusing it unwittingly, which can damage a company’s reputation and erode its relationships with its customers. As described in a report from the GAO, some experts worry about the potential data abuses, such as the exclusion of potential customers from products and services like insurance and bank loans based on alternative credit data. Others point to the potential for automated AI systems to introduce bias and discrimination based on misuse of customer data.

A shifting regulatory landscape

These potential data abuses are drawing interest from policymakers. Stricter regulations are changing the compliance landscape. Data protection is more than a perk; it’s a strategic imperative.

For example, automated profiling and decision-making is a danger that the European Union’s General Data Protection Regulation tries to protect its data subjects from. Organizations holding such data face penalties that could reach 4 percent or 20 million euro of their global revenues, whichever is higher, if they do not meet its strict requirements. Some companies have already been hit with multi-million euro fines for violating the GDPR.

There’s a mounting movement for similar data protection across the globe, including in the U.S. The California Consumer Privacy Act will require companies who collect data from California residents to be transparent about what they will do with that information and who gets to see it. More than 10 other U.S. states are also mulling strict privacy legislation.

At the federal level, congressional leaders have introduced several bills targeting the privacy of data and data security, such as the Privacy Bill of Rights Act from U.S. Sen. Ed Markey, a Democrat from Massachusetts.

Even in the absence of cohesive federal legislation, individual agencies are nonetheless toeing a harder line. For example, the Federal Trade Commission investigates potential privacy violations and issues penalties where necessary. We expect this wave to continue and think that regulations at a state and federal level in the U.S. may tighten over the next three to five years as lawmakers pay more attention to consumer concerns about data privacy.

Embracing data privacy

These challenges need not be negative for enterprises. If handled correctly, they present significant opportunities.

A proactive approach to privacy can put you in front of compliance challenges and become a useful tool in international expansion. A company without a coherent privacy framework might face unexpected data sovereignty challenges as they try to move and store customer data in other countries. By understanding these issues and preparing legal and technical structures to support your plans, you can better optimize and maximize data use within your established risk tolerance and get ahead of this challenge.

Similarly, a company might develop a product that uses sensitive data. These products and services are common, such as insurance contracts, connected home devices and more. Without the right data privacy review process, the vendor may run into regulatory challenges. By preparing these processes ahead of time, it can help address concerns early and even potentially speed up time to market.

The time to examine your approach to data privacy and security is now. The value of a comprehensive privacy framework will become clear as data becomes an increasingly critical asset.

Learn more about IBM’s data security services and the privacy and data protection practice of Promontory Financial Group, an IBM company.

Partner, Global Business Services, Financial Services

H. Leigh Feldman

Managing Director, Privacy & Data Protection, Promontory Financial Group, an IBM Company

Alan Schienberg

Senior Vice President, Promontory Financial Group, an IBM Company

More Banking stories

Is your sales performance management mid-year correction strategy effective?

Building a strategy and doing the right planning in order to achieve corporate objectives is the key to any business, and no doubt, planning sales compensation plays a crucial role in meeting those goals. A lot of time and effort goes into planning these at the beginning of the year, but sudden changes in the […]

Continue reading

Accelerate sales productivity with an AI digital assistant

Digital assistants today can deliver far more services beyond sophisticated call routing. Infusion of artificial intelligence (AI) functionalities adds the potential to increase seller field time, improve sales performance and help lift HR productivity. These enhancements mean that digital assistants can positively affect business results. What it does A digital assistant with powerful AI capabilities […]

Continue reading

IBM sponsoring WorldatWork: Spotlight on Sales Comp 2019 conference

I like to learn, network, meet new people with similar interests – who doesn’t?  I especially like to learn about sales incentive compensation and how to improve sales performance.  However, there are very few conferences to attend that focuses on the field of sales compensation.  That’s why I always look forward to attending the annual […]

Continue reading