Organizations are increasingly under pressure to protect customer data and ensure it is used responsibly. Companies need a formalized data program to hold themselves accountable.
As customers prioritize data privacy, they will pick providers that offer full transparency about their data collection and processing. Data ethics is at the top of the CEO agenda, as negligence may result in severe consequences such as reputational loss or business shutdown. To create an effective policy, companies need a formal program to ensure standards are upheld and evaluated regularly.
Companies should have data-protection guidelines in place. Unfortunately, most organizations do not have clear rules in place on how to treat and protect customer data or how to prevent breaches. Having said this, a data program should go beyond just regulation in protecting the privacy and use of customer data. It should focus on providing transparency about what data is collected and how, how the information is used, and whether those use cases are appropriate.
To build a robust program for ethical data usage, organizations should take four steps.
1. Align on company vision and beliefs
Organizations need a shared vision and mission for their data program, tailored to their industry context. Being clear on the company’s vision, the values it supports, and how a potential data use case aligns with those values is critical and can guide decisions around data usage. Having clear values and standards helps companies to decide with which data ventures they want to collaborate and with which not.
2. Determine data ownership and risk mitigation
A good data program defines roles for the ethical use of data and data ownership. The program’s policy should also clarify company responsibility for data collected and processed.Organizations should also be aware of existing data risks. Should something go wrong, the business will need a secure escalation process in place. Prudence and compliance are enablers, not inhibitors, of business value creation.
3. Evolve culture and talent
Having a culture of transparency and privacy at the leadership level makes it easier to roll out those changes across the rest of the organization. Having a customer-centric approach also means making data-usage decisions based on their potential impact on customer privacy rather than their immediate economic effect. Training new and existing employees to adhere to the culture of data privacy and risk mitigation is also critical.
4. Set up a data-ethics board
A data-ethics board should be a cross-functional committee composed of representatives across business, compliance and legal, operations, audit, IT, and the C-suite that serves as a reference entity for complex and contentious data use cases, such as customer segmentation. IT representation is critical because of the department’s data responsibilities and technical knowledge. However, it is still the job of business departments and data owners to ensure that their functions comply with adopted policies and continuously monitor new use cases that might need a data-risk evaluation.
This article is based on the article: “Ethical data usage in an era of digital technology and regulation” written by Ewa Janiszewska-Kiewra, Jannik Podlesny, and Henning Soller.