This presentation, delivered at the AIIM23 conference in New Orleans on April 26, 2023, described how to leverage good privacy practices, including data minimization, to build customer trust.
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
20230426 AIIM23 How to Leverage Privacy Practices to Build Customer Trust.pptx
1. How to Leverage Privacy Practices
to Build Customer Trust
Jesse Wilkins, CIPP/US, CIPM, IGP, CRM, ICE-CCP
President and Principal Consultant
April 26, 2023
4. The Age of Privacy
• 137 countries have privacy and data protection laws in place
• U.S. is late to the party!
• 6 states have passed comprehensive privacy and data protection laws
• Indiana, Montana, Oklahoma, Tennessee, and New Hampshire poised to pass
• Some include individual rights to action – i.e. customers can sue
5. Customers and the Age of Privacy
• Organizations with more mature privacy practices are getting higher
business benefits than average
• 93% of organizations are reporting privacy metrics to their Boards
• 90% of organizations surveyed said their customers will not buy from them if
they are not clear about data practices and protection
• 76% of companies that invest in a robust privacy program see increased
loyalty and trust from their customers
Source: Cisco 2021 Data Privacy Benchmark Study
https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-privacy-benchmark-
study-2021.pdf
6. Customers and the Age of Privacy
• Customers don’t care about the nuances of, e.g., CCPA.
• Customers don’t care about fines.
• Customers care that you safeguard their information.
• Customers care that you use their information appropriately.
• For the reason you collected it for -
• And no other reason.
8. Elements of a Privacy Program
• Understanding of the regulatory environment and risks
• Understanding of corporate culture and tolerance for risk
• Privacy team
• Inventory of systems and information
• Personal or sensitive information
• High-impact systems
• Third-party systems
• Data mapping
• Systems & information inventories
9. Elements of a Privacy Program
• Policies & procedures
• Privacy policy and notices
• DPIA
• DSAR response
• Breach response
• Controls
• Access controls including need to know
• Reporting and metrics
• Employee awareness and training
• Annual assessment
11. A Customer-Centric Privacy Policy
• Easy to find on the website or app.
• Jargon-free: Let them know their data is safe.
• Transparent: Tell them what you collect and how you will use it.
• Opt-out clause – again, easy to find.
13. Retention and Privacy
• Retention and disposition started as
facilities management
• Then came to deal with corporate
malfeasance
• Then we tried Big Bucket Theory™
• In the age of privacy, retention needs
to be more granular
• Data minimization should be the
default
17. Building Customer Trust – A Checklist
• What personal data are you collecting?
• Do you need to collect all of that?
• Why are you collecting it?
• Who are you sharing it with?
• Who are they sharing it with?
• What (else) are you using it for?
• How do you protect it?
• How long do you keep it?
• Would you trust the way you handle
your data?
18.
19. About the Speaker
• Jesse Wilkins, CIPP/US, CIPM, IGP,
CRM/CIGO, edp, ICE-CCP
• President and Principal Consultant,
Athro Consulting
• More than 25 years experience in
information management
• Internationally-known speaker, trainer,
and writer
• AIIM Fellow #223
• IG Hall of Honor #5
20. For More
Information
Jesse Wilkins, CIPP/US, CIPM, IGP, CRM-CIGO, edp, ICE-CCP
Principal Consultant, Athro Consulting
https://www.athroconsulting.com
jesse.wilkins@athroconsulting.com
Twitter: @jessewilkins
LinkedIn:
https://www.linkedin.com/in/jessewilkins