Protecting Customer Data is Key to Reputation Management

Your brand reputation ultimately lives in the hearts and minds of consumers, but there are ways it can be influenced. One of the most effective ways to do so? Respect your customers’ personal information.

A disgruntled employee is caught on camera shouting at a customer. The video goes viral. 

A scathing Yelp® review of your business shows up on the first page of search engine results.

You discover your systems have been hacked, potentially exposing sensitive customer data.

Your brand reputation — how people think or feel about your company — is arguably your most valuable asset. Recognizing this, businesses invest millions of dollars each year to manage their brand reputation. And for good reason — 25% of a company’s market value is directly tied to its reputation.1

A positive brand reputation boosts the bottom line.

Life with a positive brand reputation is good: happy customers, a higher quality applicant pool and higher company value. Brands with a good reputation can rely more on word of mouth (and less on paid advertising) for marketing, as happy customers become eager brand advocates. Good brand reputations attract more customers, for a boost to the bottom line. Consider this:

• A one-star increase in online reputation can increase revenue by up to nine percent.2
• Ninety percent of consumers say positive reviews influence their purchase decisions.3
• A positive review makes 68% of consumers more likely to visit a business.4

But when a brand's reputation takes a negative turn the effects can be devastating -- low search engine rankings, reduced profitability, and high employee turnover, just to name a few.

Consumers play an important role in a business’s reputation.

According to Heartland, a payments provider, a company’s brand reputation is extremely important to consumers.

• 87% won’t even consider dining at a restaurant with low ratings.
• 87% refuse to do business with a company if they have concerns about its data security practices. 
• 71% would stop doing business with a company if it shared sensitive data without permission.

Consumers have more power than ever to share their views on a company, positive or negative, directly with a wide audience. It just takes a single tweet or less-than-favorable review to tarnish a company's reputation.

Reputational damage can come from many fronts, including social media and employee posts on job search sites.

Mishandling consumer data can kill a business’s reputation.

Digital technology adoption generates an enormous amount of highly valuable data. Elements like location tracking, website cookies and personally identifiable information help companies better understand consumer habits, preferences, and trends.

For merchants, customer data is gold. This data can be used to improve the customer experience or maximize marketing efforts. Consumer data can also inform product development and business decisions.

But along with data’s great potential comes great responsibility. A data breach is among the top three, fastest ways to undermine a company’s reputation.5

Consumers are keenly aware of the power and risk associated with their personal data. They're vocal and will vote with their wallets if a business's data practices are unclear or they feel their personal information is being used in ways they don't understand or agree with.6

For their part, merchants haven't done a great job of alleviating consumer concerns. Customers have low tolerance for companies whose data practices fail to meet expectations. Forty-eight percent give businesses a failing grade when it comes to protecting their personal information. It doesn’t stop there.

• 59% of consumers believe their personal information is vulnerable to a security breach.
• Nearly 50% don’t believe companies when they say their data is safe or data breach issues are resolved.7
• 62% percent of consumers are uncomfortable with how companies use their personal information.
• Two-thirds of consumers are worried about data privacy and security.

Merchants have a responsibility to ensure their customer data is appropriately collected and protected. This includes vetting and monitoring third-party vendors who manage customer data. Additionally, merchants should be aware of two major regulatory requirements related to customer data.

• General Data Protection Regulation (GDPR)
  
  GDPR is the world's toughest data privacy and security law. Enacted by the European Union (EU) in 2018, the GDPR governs how entities anywhere in the world collect and process personal data from individuals living in the EU. The law defines both the responsibilities of those collecting or handling data and the rights of those whose data is collected. With penalties and fees that can reach into the millions of dollars, the financial cost of failing to comply can be steep.

• Payment Card Industry Data Security Standard (PCI DSS)
  
  PCI DSS is a global standard that requires all businesses to protect cardholder data that is accepted, processed, stored, or transmitted. Though the levels of regulatory requirements vary by processing volume, even small businesses that accept cards as payments must adhere to the standard. Failure to comply can carry hefty fines and fees, not to mention damage brand reputation and customer trust.

If you think data security is only important for large corporations, that could be a costly mistake. Most cyberattacks are targeted at small and midsize businesses, 60% of which go out of business within six months of a breach.8 Businesses that do survive a data breach still face fines, fees, and potential class-action lawsuits. Boycotts, lost contracts, and customer churn are often consequences of reputation damage.

Strengthen customer trust with secure data management.

Fortunately, there are steps merchants can take to ensure they build and maintain a strong positive brand reputation while also protecting consumer data and privacy.

Educate employees. Employees are the first line of defense in protecting customer data. Be sure they know and follow your company's data privacy guidelines and processes.

Foster transparent communication. Consumers want to know when and why their data is being collected. Be transparent about data collection practices and policies. This helps to establish trust.

Practice "privacy by design." Elements like automatic timed logouts and strong password requirements reinforce data security and demonstrate that your business values consumer privacy.

Collect only the data you need. Identify all the forms of consumer data you collect and how it's used. If you don't need it, stop collecting it. Also, be sure to clearly communicate processes for requests to remove or transfer consumer data.

Restrict internal access to data. Nearly one-third of recent breaches were traced back to insider threats.9 Make sure only those who need to access data can do so.

Master crisis response. One of the highest predictors of consumer trust lies in how quickly a company reports and responds to a data breach.10 Most regulations mandate that companies disclose breaches within a certain timeframe. Develop an incident response plan before a breach or crisis occurs so you can act quickly if one does.

Ultimately, consumers just want to be taken care of and that includes their personal information. Merchants who want to protect their brand reputation should remember that collecting, keeping, and using consumer data also requires cultivating consumer trust.

Contact your Synovus Treasury Management Consultant or Relationship Manager for help protecting customer data. If you have questions about PCI compliance or customer management, complete a short contact form and we’ll be in touch to assist you.