Today’s customers are more concerned than ever about privacy, with recent high-profile privacy breaches tarnishing the reputations of some of the world’s largest companies. Your customers are your most valuable asset, so if you are collecting information on them you need to treat it with care.
Of course privacy isn’t just about protecting customer data from prying eyes, it’s also about ensuring that you don’t abuse that data. That’s where the new Australian Privacy Principles come into play.
They apply to all Australian businesses with an annual turnover of more than $3 million, but when you read the fine print these new rules also apply to a lot of smaller businesses. If this includes you then you need to ensure your house is in order. Fines for breaching the privacy principles can be in excess of $1 million.
Even if your business isn’t covered by the new rules, they set a good standard to aspire to.
When you consider the consequences of poor privacy controls, every business should invest time in reviewing its privacy policies and practices. The Office of the Australian Information Commissioner is a useful place to look for details of the new privacy regulations.
The first step in abiding by the Privacy Principles is establishing a privacy policy and making it freely available to your customers. Breaking down the components of this policy offers insight into the technological challenges you’re likely to encounter when implementing your privacy program.
Your privacy policy must tell people what kind of information you hold on them, how you collect it, why you collect it and who you share it with. What’s more of a challenge is that you need to offer people the ability to access the information you hold on them, and the ability to correct any errors.
There’s no hard and fast deadline on how quickly you must respond to a request, only “within a reasonable period”. You’re also obligated to take “reasonable steps” to protect customer data from misuse, loss and unauthorised access.
Meeting these obligations might require you to overhaul the way your business manages customer data, especially if you’re still jamming sheets of paper into a filing cabinet. This could be the impetus you need to finally embrace a customer relationship management system, whether it’s running on a desktop computer or in the cloud.
You’ll find a range of online CRM subscription services designed to suit businesses of all sizes, or you might even find there’s a CRM module available for a service you already use.
Some CRM platforms offer web self-service features to allow your customers to manage their own data, reducing the administrative workload on your staff. If this service includes the ability for customers to easily unsubscribe from mailing lists then it also helps you comply with the Spam Act, another law which can be expensive to break.
Remember, protecting customer data from misuse doesn’t just mean keeping it safely locked away from the general public. It also means maintaining control over which staff members can access to that information and how they use it. A CRM system makes it easier to grant different staff granular levels of access, to ensure that they don’t have easy access to more information than they require.
Good privacy is good for business – if your customers feel that you don’t value their privacy then they might take their business elsewhere.
David Hancock is the founder and managing director of Geeks2U, a national on-site computer repair and support company.