Skip to content
Compliance & Risk

Privacy by design: Establishing robust privacy & security programs as a strategic advantage

Leslie Stevens  Director & Global Privacy Counsel / Edwards Lifesciences.

· 5 minute read

Leslie Stevens  Director & Global Privacy Counsel / Edwards Lifesciences.

· 5 minute read

There is a strategic, competitive advantage to establishing privacy and security programs to protect your customers' data

On January 28, we marked international Data Protection Day. And if that date doesn’t resonate with you or your organization, perhaps it should.

Some of the world’s most successful companies have recognized the strategic advantage to being highly customer-centric, of course, but one of the ways to do that is to respect your customers’ privacy and protect their data. For example, companies like Apple have capitalized on the increasing value that customers place on their privacy, and on this Data Protection Day, Apple promoted numerous ways in which their products and services are designed with individual privacy protection in mind.

And Apple is not the only company to realize the benefits of building robust privacy and security into their products and services. Google has also made headlines with its announcement that from 2022 onward, its tools would not support tracking of users across their websites. While there is healthy debate surrounding these announcements (and the motivations behind them), this should signal a change to which other organizations should pay attention.

Your organization’s customers and stakeholders will no longer accept anything but transparency regarding how you process the myriad of personal data you collect on them. To protect the value that such data brings to your digital strategy and growth, organizations must invest in their privacy and security programs now. The burgeoning privacy and security regulatory landscape, and the increasing amount of enforcement in this area, provide the “stick” that incentivizes companies to comply with applicable data protections laws. However, corporations that operate beyond a check-the-box compliance mindset can reap further strategic advantages by implementing robust privacy and security programs that contribute to enhancing brand awareness and, ultimately, your organization’s bottom-line.

This mindset seems to be catching on. In Cisco’s 2021 Data Privacy Benchmark study, more than one-third of responding organizations noted they were making at least double the level of investment in their privacy and security programs they made previously.

As discussed in the first article of this series on corporations’ data security issues, organizations must get the basics of privacy and security right: keeping data secure, being transparent about digital practices, and respecting privacy preferences. Now we set out what practical steps companies can take to improve their privacy and security programs, ultimately using this to engender trust with their customers and stakeholders.

Designing the customers’ journey with privacy and security in mind

Your customers are impacted by their digital experiences with your organization, and positive digital experiences can drive growth. While your company has likely mapped out the customer journey for purchasing products or services online, has it also considered the customer journey when it comes to privacy and security? How easy is it for customers to opt-in or opt-out of marketing communications? When your company enables new technology, has the team considered your customers’ privacy and how the customer will be impacted?

To leverage privacy by design as a strategic competitive advantage, organizations must understand their customer’s digital journeys as it relates to privacy. More importantly, organizations must ensure privacy is embedded systematically across the organization from business process design to technology platform architecture and data governance.

Through this more holistic approach, your organization will be protecting the interests of your customers’ privacy and also its business. The bottom line is that privacy needs a permanent seat at the table.


Simplify your privacy processes

A seamless and clear journey for customers to better control their privacy preferences not only benefits them (their privacy is protected), it also helps achieve your compliance team’s goals (regulatory requirements are satisfied), and provides an improved customer experience and potentially better-quality data for your teams to leverage (business objectives are met).

It’s a cascading benefit. By offering clearer means for individuals to exercise their privacy preferences within your company, you are not only complying with the law; you are also curating your organization’s data to represent truly engaged audiences that can unlock opportunities for growth.

Organizations can now more easily improve the privacy experience of their customers by leveraging technology. The governance, risk, and compliance (GRC) software market is booming, especially in the privacy sphere. Companies can take advantage of the innovative SaaS landscape of GRC software options to support their privacy programs while improving the customer journey and interlinking business processes and data governance. Companies can embrace options ranging from pursuing straightforward solutions to allowing customers to opt-out of cookies on the company’s website, to leveraging software to improve collection of customer consent for marketing, to managing customer preferences across channels. In all these cases, technology can strategically support both your company’s customer privacy strategy and its business needs.

In the end, what can a robust privacy and security program do for your organization? Even when the world emerges from the global COVID-19 pandemic, the focus on digital is here to stay. The opportunities to engage with your customers online will continue to grow, as will your data collection. Further, the regulatory imperative to take privacy and security seriously will only increase with game-changing privacy laws emerging in key markets such as China and India.

As explored in the Cisco study, the strategic benefits of a strong privacy and security program are real and tangible, ranging from reduced sales deal-cycle time for your business, to increased customer trust and brand loyalty, to enabling innovation in your products or services and mitigating losses related to data breaches. When these benefits are weighed in, you would be wise to ask: What is your company waiting for?

In a multi-part series, Privacy by Design, author Leslie Stevens looks at privacy and data security issues at corporations, government entities, law firms, and tax & accounting firms.