Published: Thursday September 3, 2015
Written by on Blog Entry
There have been two big data breaches in the news this week: firstly how the Information Commissioner’s Office is investigating claims into charities on-selling customer information which led to conmen tricking a dementia sufferer out of thousands of pounds. Secondly, how through human error, a clinic in London sent HIV patient information to over 800 people by accidentally CC’ing all their patients.
The charity sector has scored a real own goal here. Its ‘customers’ are among the (potentially) most loyal and most engaged of any sector and the data that donors have shared over the years is their most valuable asset. But (and it’s a big but…) it was shared on a fundamental basis of trust.
Our Trust Economy research earlier this year looked at what makes people trust organisations with their data. 62% of people will not provide personal information if they don’t know how it’s going to be used. In the charities sector, we calculate this could equate to a loss of more than £6.57bn. Ultimately, it’s not the data that’s the problem. It’s what businesses are doing with it that’s the issue. All the technology and security in the world won’t help if a charity resorts to earning revenue by selling its donor data, or in the case of the clinic, if an employee makes the fatal error of putting all its customers’ email addresses into the cc line of an email.
Our view is we shouldn’t be focusing on reducing the flow of data but we all need to work harder on transparency and good data governance. This week’s stories show the importance of businesses and organisations needing to be educated on good data practices. Data expertise is essential. If charity donors or patients stop trusting organisations because they don't know how their data is going to be used in future, we all suffer: not just the charities and the clinics but the wider business world which now relies so heavily on the availability of good quality data.
Let’s get back to basics - get the data right, keep it safe and be absolutely transparent with how you use it. There’s no excuse for anything less.