Every association understands the impact of data threats. Even in cases where you may feel confident about your data security - it may not be resulting in the visibility, control, or bottom-line impact that you are envisioning for your organization.
As data breaches are becoming increasingly common, you want to uphold the solid reputation you have built for your organization.
While you may think of data privacy as a general requirement of all modern businesses, have you ever considered the impact of data security on your bottom-line revenue?
Taking control of your data is not as difficult as you may imagine. Once you do, you’ll realize that data security is not a necessary burden, but rather, a long-term investment in your organization’s future.
Data Security Is An Investment
Almost all associations deal with personal data and sensitive information about members and employees. This may include addresses, social security numbers, credit card numbers, and other private records.
The security of that data refers to protection against cybersecurity breaches. Possible threats include hackers penetrating your network, the corruption or stealing of confidential member data, viruses or malware in your system, or the attempt to destroy your entire online platform.
Most leaders are conditioned to believe that data maintenance is a necessary burden. It’s time to adjust your perspective. Data protection is not just about security. It’s an investment in digital operations that will allow you to evolve your digital practices and offers for years to come.
This was proven in a 2019 Cisco Consumer Privacy Survey. The results showed that across 2800 security professionals in companies of all sizes (across 13 countries):
- More than 40% of organizations saw benefits worth at least double what they were spending on their privacy software.
- There was a correlation between privacy accountability and higher financial returns.
- The organizations utilizing operational agility and privacy has grown to over 70%
- The majority (82%) of organizations see certifications in privacy as a bargaining chip within supply chain management and vendor selection.
The Money Pit of Bad Data Management
Conversely, bad data management will squash your potential for operational autonomy and growth. A data breach will not only cost you your reputation, but it could cost you a fortune in the years to come.
Here are a few of the potential costs of poor data management:
Breached Trust (To You and the Entire Industry)
Consider the Target data breach of 2013. The brand was targeted in a cyberattack that affected more than 41-million customers. As the largest data breach of its time, this resulted in a multi-state settlement.
Target paid more than $18 million dollars in legal fees (as well as a follow-up class-action lawsuit in 2015 where the company agreed to pay up to $10,000 to customers that possessed enough evidence of their suffered losses from the breach).
As associations become increasingly digital (through virtual events, obtaining digital member data, more credit card numbers, social security numbers, etc.) - A breach will not only hurt you, but the entire industry.
Costly Compliance Penalties
Beyond the reputation impact and potential loss of industry support - You are under the scrutiny of federal and state regulations.
Associations must account for all legal compliance in regards to the collection and protection of personal information to avoid hefty fines and penalties. As health care associations already know, compliance frameworks like The Health Insurance Portability and Accountability Act (HIPPA) fine up to $1.5 million dollars annually, in compliance-related incidents. Similarly, the Payment Card Industry Data Security Standard (PCI-DSS) fines between $5,000 and $100,000 per month.
Associations in compliance-heavy industries should consider designing their own compliance content to share with members during Hum’s Data Safety Month (June).
Your Reputation IS Your Bottom-Line
The largest impact on your bottom line is the permanence of a data breach. A survey conducted by Gemalto (the world's largest manufacturer of SIM cards) found that "a majority of 70% of consumers would stop doing business with a company if it experienced a data breach."
To put it frankly, your chances of forgiveness are slim.
IBM's Annual Cost of a Data Breach Report found in 2019 that the average data breach will cost companies $3.92 million. Even smaller businesses average around $2-million in expenses due to the long-term impact that plagues them for years.
Furthermore, half of Americans have decided not to use a product or service because of privacy concerns. PewResearch.org finds that "about half (52%) of U.S. adults decided not to use a product or service because they were worried about how much personal information would be collected about them."
Finally, and most concerningly, the National Center for Middle Market in a joint report by Cisco, discovered that "60% of small companies fail within 6-months of a data breach."
Undermining your trust with your audience could literally cost you everything.
Recommended Data Safety Practices
Association leaders should take proper measures to secure their data, including day-to-day operational changes. Suggested updates include:
- Increase security for sensitive data on mobile platforms (According to OuterBox, 79% of smartphone users have made a purchase using their mobile device in the last 6-months, with 62.24% of people owning a mobile device in 2021)."
- Ensure your organization is following the standards and requirements established by the PCI Council (if you are accepting credit card payments in any form). Consider PCI audits and manage the submission process to confirm that the appropriate committee members are reviewing your organization.
- Install safeguards and continuously maintain them (this may include encryption, firewalls, and detection software for any intrusions).
- Train your teams to enforce the same policies for handling and storing sensitive member data. Create a culture of data awareness in which there is continuing education and establish guidelines that would follow in the event of a data security breach.
- Update privacy policies and evolve with the rapidly-changing standards. Stay abreast of all trends and adopt new policies that remain within the constituents of any federal or state regulation in regards to personally identifiable information (PII).
- Consider investing in data insurance and liability coverage for data privacy.
- Consider GDPR guidelines for the collection of personal data in regards to outreach and marketing efforts. For associations that share their member’s data with sponsors, they are required to uphold all personal and sensitive data standards.
The Verdict: Data Security Isn’t Just Important - It’s Essential
You are constantly collecting first-, second-, and third-party data. As you take steps to secure your member data, also consider how you can use that data to transform your digital operations.
Modern members don’t just want their personal information to be secure. They will also expect personalization, streamlined outreach, and digital-first interaction. As you determine how your tech stacks up, consider integrating an Association Intelligence Platform, like Hum.
Hum helps associations unify their existing systems (AMS, LMS, Community Events, Membership data, etc.) and develop insights about their audience. Not only does Hum offer SOC 2 compliant data security, but we also help you use your data to grow your mission.
If you're ready to leverage your first-party data – Reach out so we can assess if Hum is right for your association. Check out our free blog, and be sure to subscribe to the newsletter for more transformative insights!