This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle six: comply with all applicable laws and regulations - then exceed them. 


There are a LOT of laws and regulations out there that govern data handling and privacy. They vary according to where you conduct business. The European Union has the strictest set of laws that are built on the principle of human rights. The United States has what’s called a sectoral approach, that is different laws are set for different sectors – like HIPAA for healthcare, Gramm Leach Bliley for Finance, the Cable TV Privacy Act, the Electronic Communications Privacy Act and on. In the US, 47 of 50 states also currently have data breach notification laws, all of them slightly different. Asian countries adopt data protection laws and sectoral laws. Many Latin American countries have constitutional guarantees, data protection laws, and sectoral laws. Yikes! It’s a lot to comply with – and just to keep things fun, laws and regulations are changing and updating all the time.

Realistically, marketers are not going to know every legal requirement that impacts their organization. But you should at least be aware of the basic principles of what’s allowed in the places you do business, then coordinate with Legal (I know, I know!) on how to stay out of trouble. This discovery can also happen through a process called a Privacy Impact Assessment, mentioned in my previous post.

Observing laws and regulations must be standard operating procedure. But just being compliant really isn’t enough to enhance your position in a fickle and frenetic market. Think about it this way – do you want your child to just stay out of trouble at school, or be a leader in the classroom? Where’s the attention going to go? You sure don’t want to stand out in a bad way – like being one of the 256 app providers who violated the privacy terms they contracted with Apple.

Going beyond the legal minimum and making extra effort will help your business differentiate as a trusted source. Simplified privacy policy language will help. Minimizing data collection and retention (yes, you CAN get rid of stuff!) will help. So will being transparent at all times about your practices and behaviors. Use creative ways to tell the story to your customers and stakeholders – through vignettes, through messaging, through customer service scripts – put it out there. Earning trust marks like TRUSTe really sends the message that you take data stewardship seriously.

Your customers expect you to comply with the law. They want to feel like you care and are proactive about protecting their data. I firmly believe that the great majority of people want to do the right thing; it comes back to mindfulness and balance between enthusiastic pursuit of business objectives and a bit of thoughtful restraint.

Brand Reputation in the Era of Data: 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships
Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!
Brand Reputation in the Era of Data – Principle 5: Practice Customer Empathy

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle five: developing an empathic organizational culture that understands, internalizes and practices customer-sensitive behaviors.


Hand in hand with getting your own house in order to secure customer data is developing an empathic organizational culture that understands, internalizes and practices customer-sensitive behaviors. This can be reflected in the marketing practices you adopt, the way customer data is collected and handled, and the attitude and values that are expressed and embodied from leadership through the ranks.

Several respondents in our qualitative feedback study emphasized that organizations’ observing privacy policies internally was very important to them. While most every organization has an external privacy notice (understandable or not), many companies lack a robust internal privacy policy, data management policies, or even clarity of their privacy mission and position. It is important to thoughtfully define these, then train your people, in a resonant and memorable way about these corporate values and an employee’s role in them. Reinforce the training with an ongoing internal awareness campaign. Help your team remember that behind every purchase, tweet, post, click and share is a human being and all that entails. Anyone who has something or someone to protect can understand that.

This is a foundational aspect of your organization’s personality and reputation – how do you want to be seen and regarded? Are you the respectful company? The service-oriented company? One who customers see as sneaky or arrogant? One who is so consumed with innovation and speed that they forget there are real people who will be served or potentially harmed by your invention?

Consider incenting or requiring those who work with other’s personally identifiable information, whether it belongs to customers, employees, partners, students or anyone else, to get certifications. This can help them more deeply understand the implications of what they’re working with. A colleague of mine likened this to how massage therapists are trained to respect the bodies of their customers, with their reputation and careers dependent upon following those protocols.

A best practice is to conduct what’s called a Privacy Impact Assessment (PIA) to evaluate risk in both existing and intended practices and services. There are online resources to offer you guidance (shameless commerce warning: Dialog can help with these); you will need some understanding of the legal and regulatory environment in which you operate. Then, when you objectively understand the level of risk, you can consider adjustments to your practices or plans if necessary. Those who may decline to participate should be made fully accountable for any consequences – financial or otherwise.

Acculturating a sense of responsibility and empathy, with policies to back that up, will go a long way toward solidifying your organization’s reputation as a trusted vendor. And that translates to the bottom line.
Brand Reputation in the Era of Data: 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships
Brand Reputation in the Era of Data – Principle 1: Empower Customer Control
Brand Reputation in the Era of Data – Principle 2: Be Clear and Accountable
Brand Reputation in the Era of Data – Principle 3: Do Everything You Can to Protect Customer Data
Brand Reputation in the Era of Data – Principle 4: Mind Your Partners!

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS