Twitter. Marriott. Even the CRA! Millions of Canadians impacted. What do they have in common? They all damage organizations' corporate reputations.
Over the two years we’ve seen these and many other brands lose a significant amount of hard-earned positive corporate reputation and brand equity through privacy breaches and data hacks – often made worse by poor crisis communications management.
Up until now we’ve only heard about these breaches when organizations decided to tell us, media broke stories or the scale was too big to ignore. But as of November 1, 2018 federal regulations changed and all organizations that suffer a privacy breach must report it to the regulator, who may notify the public.
Businesses and organizations can seek help for privacy breaches from people like Ale Brown, Founder of Kirke Management Consulting. Ale's team focuses on helping organizations excel in their business objectives by finding opportunities for growth within a strong privacy framework, while at the same time managing risks that could prevent their success.
The majority of data and privacy breaches are caused by internal employees; breaches maybe as simple as leaving a folder with a printout of customer or marketing information in a car.
As our cyber security partner Dominic Vogel, President of Vogel Cyber Leadership & Coaching says, cyber attacks are also increasingly common (think when, not if). And with the new reporting regulations, you will have to manage a breach in front of a public with a quickly diminishing patience.
Organizations should build strong programs based on 4 pillars:
- Maintain an effective and robust Privacy and Data Management Program
- Ensure strong cyber security practices
- Best practice breach identification, remediation and response processes
- Effective crisis communications planning and management
There is still time to implement best practices for both privacy management and crisis communications to prepare for, mitigate and manage a privacy breach.
Crisis communications response begins now – with a proper plan that identifies the risks and lays out the procedures to following in the first hour, day and week. Principles of empathy, transparency and timeliness are at the forefront of good practice.
"Trust is one of the most valuable commodities any organization can have. Maintaining trust in the face of a privacy breach is essential if you want to maintain your brand, reputation and all the financial benefits that come with that," said Tamara Little, Coast Communications and Public Affairs. "Preparation is an investment in your bottom line."