According to a recent report by Accenture, one in three financial services organisations lack either clear plans or resources to address customer data privacy risks in the next year. Based on a survey of 100 privacy executives across insurance, banking and capital markets industries in Europe and North America, the report highlights how enterprises need to rethink the way in which they handle customer data in light of new regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
It was revealed that 70 percent of respondents saw privacy as a key risk for their organisations, and nearly three-quarters (72 percent) of respondents’ corporations use consent to tailor customer-facing products and services. By giving customers control over their data and deleting personal information when requested, financial services firms incorporate privacy into their customer journey.
The majority of respondents (51 percent) named privacy risk monitoring as the privacy risk which will require the most effort to remediate over the next year. This was closely followed by the accuracy and maintenance of records processing/ information asset registers (44 percent) and records management and data retention/ deletion (41 percent).
Due to the “right to erasure” elements of GDPR and CCPA, risks are heightened, and consumers are empowered by the right to ask companies to delete their personal data when they wish, making proper record management vital. According to the report, firms can achieve this by using automated tools to aid data discovery.
While over three quarters (76 percent) of respondents plan to increase their privacy investments over the next 12 months, companies without clear privacy strategies may fail to reap the benefits. Meanwhile, those with clear strategies and an inherent culture of privacy awareness will likely distinguish their organisation and enhance consumer trust.
Over the past few years, data privacy regulations like GDPR, HIPAA and CCPA have brought security concerns to the forefront, especially in the wake of digital transformation. Today, we see compliance as a core requirement of nearly every digital project. No matter if you’re a start-up with just a few hundred contacts or a tech giant managing a database of millions, it is of vital importance to gain and document consent from users whose data you collect or process.