The OAIC Community Attitudes to Privacy survey Research Report 2013 found that 49% of Australians are most reluctant to share their financial information – with the top four (71%) reasons for reluctance to share all types of information being privacy or security related. With political and corporate data breaches frequently making headlines, being able to assure clients of absolute confidentiality is more valuable than ever.
However, this assurance is also one that is increasingly difficult to provide. Maintaining good sentencing practices is only part of the privacy picture. A significant burden on financial organisations is the cost of securing the storage and transmission of client data, both physical and electronic. For physical archives, there are two major obstacles. In-house archives rely on companies themselves to maintain a level of security on premises that is costly and would otherwise be unjustified. Off-site archives, while more secure, can expose information to compromise during transit, especially over long distances where multiple handovers are involved. Very few information management firms have a secure chain of custody across all their delivery locations. Instead, when they have to deliver outside certain geographical boundaries or times of day, they outsource to contractors.
This adds one or more unnecessary steps to the information transmission process. While it may only increase the risk of breach by a slight margin, it elevates the risk of data loss significantly. “Complexity is fertile territory for error,” says researcher Matthew C. Holtman. When the human element in a system increases, so does the possibility that something will go wrong. More human engagement can also drive up costs because of the additional manual labour involved.
For smaller firms, the exposure to risk and cost is limited by more modest information volumes and a greater ability to keep records in-house. For larger organisations, the risk is greater. With the confidential information of thousands of individuals under their aegis, a large-scale loss can have an ongoing negative effect on client confidence.
The best information management providers store and transport data according to the strictest industry standards. Their physical storage facilities are secured with advanced fire-protection and surveillance systems, with all employees undergoing a Police Criminal Security check before being allowed to handle client information. The same vetted staff also operate a secure fleet of vehicles and ensure that document chain of custody is unbroken by anyone outside the company, such as a generic courier or other third-party contractor. Their digital offering should provide an administrative console with airtight security configurations, function-level verification on transactions, and application-level security that limits users to accessing only the functionality and data they need.
With this greater security comes a host of financial benefits. Minimised risk of data compromise is a powerful point of difference with competitors. A business that can assure customers that their information is safe is one that will stand out for all the right reasons in a privacy-conscious marketplace. Storing information off-site also makes the physical cyber security of office premises less of a concern. Access to an organisation’s full archives can be controlled entirely through administrative systems, reducing the burden on existing departmental separation practices or clean-desk policies.
Find out more in Grace’s FREE in-depth information management report for the finance industry.