Q

Data breach notification must demonstrate commitment to customer service

Plan for a data breach and you'll be prepared when you need to notify customers. Lior Arussy advises that you focus on four things when reacting to a breach: speed of response, assuming responsibility, proactive guidance, and providing compensation.

What's the best way to notify customers of a security or data breach? Do you recommend having a policy in place in case this happens? What should it include? Obviously, our company is hoping to avoid a problem like this, but how should we alert customers if any kind of breach occurs?
The best approach is to plan for a data breach. Assume that problems will happen and then ask yourself how you can demonstrate your commitment to your customers in a data breach notification. Instead of optimizing your processes, it will be wiser to optimize your complaint-handling process. In designing a response plan for a data breach, focus on four important elements:

1. Speed of response – Your ability to respond within an hour and not wait for the customer to contact you is crucial.

It will demonstrate your proactive approach and that fact that "things are under control." 2. Assuming responsibility – Regardless of the real reason, the customer will view you as responsible for the problem. You might as well assume the responsibility and not argue with the customers (unless they were grossly negligent). Assuming responsibility will take the "sting" out of the dispute and put you and the customer on the path to resolution. 3. Providing proactive guidance – In a data breach notification, provide customers with directions as to what to do next to minimize the damage or rectify the situation. Your directions should be specific and include links to online resources or to the relevant forms they need to fill out. Save the customer time and hassle by sending him directly to the right Web page. 4. Compensating for damage -- If the damage is substantial, include a small monetary compensation for the inconvenience. If you want to retain your customer, view this compensation as an investment in the long-term relationship. By providing compensation, you will demonstrate that you sincerely care about the damage that was caused.

By planning and being proactive, you will demonstrate your commitment for the future and to your relationship with your customers. In general, problems such as identity theft will be forgiven only if companies act swiftly and responsibly. Preparing for such events will allow you to create a better and more complete response. Problems are a great opportunity to differentiate your company through delightful experiences.

This was first published in March 2007

Dig deeper on Customer privacy and data security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchBusinessAnalytics

SearchDataManagement

SearchSAP

SearchOracle

SearchAWS

SearchContentManagement

Close