Data Breach — Is Your Business Prepared?

Recently I attended a Kansas City Direct Marketing Association (KCDMA) Meeting about data security and it was actually very interesting –partly because the speaker, Scott Swift, the Assistant VP of Claims with AXIS PRO Insurance, was very engaging.

Data Breach – specifically Personally Identifiable Information (or PII as known in the industry) may affect each of us individually, or as an employer, or as an agency, or as a client, or as an employee.  This was interesting to me. While PII is usually not a mailing address or an email address but is typically social security number, bank information, health information or credit card info.  And the breach isn’t always hacked—a breach could be a lost or stolen cell phone, computer, or paper file, or someone’s behavior (whether intentional or unintentional.)  Scott Swift told the group something very compelling—according to a 2013 Data Breach Investigation Report that 40% of breaches happens to a small business. Scott suggested that as small business owners, if we don’t have a data breach plan, there’s a free resource on how to establish one via Experian. The link is www.experian.com/assets/data-breach/brochures/response-guide.pdf.

The KCDMA speaker spoke about many topics including the emerging presence of TEXT/SMS marketing. He said the FTC and the Telephone Consumer Protection Act highly regulate text message campaigns and we’ll find the laws that are in place for email or telephone are amplified for delivery to your mobile phone. (Wow! So much happening in the world of mobile/text/SMS!!) The speaker suggested we look at  www.wileyrein.com for good info on trends.

When it comes to Data Privacy, particularly offline and online collection, Scott suggested always provide clear and forthright information.  From my standpoint, I’ve always suggested to clients to be members of the Direct Marketing Association (dma.org) and follow their templates on privacy, data collection, etc. Scott also stressed that we (as business owners and business managers) know and follow our own policies.

If you don’t have a data breach policy and procedure, perhaps a good place to start is your privacy policy and then determine how to augment with a data breach policy and procedure.

Did you enjoy this post? Sign up for more.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

The Catalog Blog covers opinions and information on all things catalog. Have something to add? Leave a comment below. Catalog University is devoted to helping you get ahead in the fun and fascinating world of catalogs. If you want even more information about cataloging, including FREE Pub Talks, be sure to sign up for the Cat-U mailing list. We will never share your name with 3rd parties.

Gina Valentino
Dean of Marketing, CatalogUniversity.com
President, Hemisphere Marketing, LLC
http://www.cataloguniversity.com

Comments