Data intelligence presents unprecedented opportunities. It can drive better customer experiences, enhance ways to innovate products and recruit talent, and help capture market share. The marketing and communications community has certainly benefited from new sources of consumer data and the applications for this valuable asset.
But data intelligence also comes with immense responsibility – it requires thoughtful data governance: management of the availability, usability, integrity, and security of organizational and customer data. Companies that fail to take such governance seriously risk something far more precious than the benefits from data intelligence: their reputations.
The role of the chief communications officer (CCO) in guiding an organization’s data governance and operational transparency is critical and an area where smart CCOs must lead. Just as a CCO manages the communications around a data privacy incident, so too must a CCO help a brand head off a breach in the first place – through compliance and following internal safeguards.
Consumers, in fact, are beginning to demand this. They are paying close attention to how their information is used and protected. A 2018 Public Affairs Council study found that Americans consider personal data loss to be among the most serious failures by companies. The issue now impacts every business sector, from finance and healthcare to manufacturing and services, and a lapse in data governance can have dire reputational consequences if a worst-case-scenario happens.
Data privacy is also a major concern of governments in all major economies. The European Union’s General Data Protection Regulation (GDPR), adopted in 2018, which gives individuals greater control over their personal data and simplifies the regulatory environment for multilateral businesses, is becoming the de facto standard across multiple markets. At the recent World Economic Forum in Davos, German Chancellor Angela Merkel called for greater international oversight of data usage. Japan is putting the topic on the agenda at this year’s G20 Summit. And in countries like the U.S. that don’t yet have a national standard, there is an increasing expectation among consumers and employees that companies will strictly adhere to self-imposed standards for data privacy.
Given this, what can a CCO do to address data governance issues to help avoid a data privacy crisis – or to be in the best position to respond to a breach if it occurs? Here is a checklist:
Audit current data protection practices and risks. Ask your CIO, CTO, Chief Data Officer or whomever is the most senior data and technology executive at your organization: Are we taking the appropriate actions to ensure compliance across all business units and geographies? Work with these executives to understand your organization’s data-related reputational risks and ensure you are living up to consumer expectations of privacy and protection.
Prioritize the issue within your organization. Data management has moved from the back office to the executive suite. Many companies are hiring senior-level Chief Data Officers to work alongside their CFO, CMO and other C-level managers. Explore reputational and business leadership opportunities on data privacy, such as support for new standards.
Start governance procedures with employees. A company’s data governance is only as strong as its internal infrastructure and culture of commitment. This starts with training managers and employees, conducting scenario planning and drills, and having a strong, top-down commitment to data governance.
You can’t outsource responsibility. Your company is legally responsible for a cyber-hacking of a third-party vendor that holds your customer information. Make sure vendors are complying with your own data protection policies.
Align leadership around core corporate principles and values. Determine how you are using and sharing data and build a shared employee culture that understands the seriousness of data governance. Use your values to frame anything you say publicly on data issues. Keep your communications simple, clear and complete.
Double down on transparency. Going forward, GDPR-like privacy governance will evolve as the global standard for organizations that want to build and keep consumer trust. Companies need to be transparent about their data practices. Without a doubt, 2019 is the year to double down on embracing data protection and transparency to deliver on your brand promise.
Get ready for what comes next. With so many competing views on data governance, there is no consensus on what a global architecture might be. Organizations should be prepared to influence the policy debate at both the national and multilateral level. Start by assessing business risks and opportunities presented by likely changes in global and national regulatory approaches to data and use this to inform your priorities for advocacy and education.
By Micho Spring, Chair, Global Corporate Practice, Weber Shandwick