The IT-industry is infamous for acronyms and a vocabulary that is just as hard for the common man to understand as the general practitioners’. The same goes for sales reps, so just imagine the vocabulary of a sales rep in the IT-industry. I know that I am at least as guilty as my peers, probably more. I usually get some puzzled looks from relatives and friends in other industries when I use buzz words like Business Agility, Time-To-Market, right-shoring and TCO. And it is interesting to note that buzz words come and go out of style. You rarely hear anyone using “future proofness”, which was my favorite argument when arguing for my recommended solutions ten years ago. Gartner is probably guilty of most of the buzz words. Currently, they have the entire IT-industry talking about the Nexus of Forces and Bring-Your-Own-Device. I will use this blog post to contribute a new buzz word that is awkward to use but may catch on nevertheless due to its relevance: Compliance Resilience.
A friend of mine is working at a software company that develops systems for the healthcare industry. She had recently been assigned to a pre-study to assess the ramifications of the revised legislation to ensure the data privacy of patients. It was really interesting listening in on the requirements. They were tougher than all the legislation that we have in the financial services sector, but they were well aligned with requirements from the compliance officers at one of my clients that is considering having their advisors visit their SMB clients outside of the branch. According to the compliance officers at this bank, a CRM-system that is used outside of the bank has to provide support for limiting access to the clients that the advisor is to meet in the following days.
Looking back, it is evident that the legislators are concerned about customer data protection. The chart below presents a subset of the legislation for improved customer data privacy, consumer protection and fraud prevention that has been implemented during the last 10-15 years.
The EU has commissioned an ambitious survey on customers’ views on data protection to motivate their ongoing reform, the EU Data Protection. Looking at the results from the survey below, I think it is fair to assume that we can expect new legislation on customer data protection.
We at Avanade have a rigorous program for Customer Data Protection and we do not make any distinction between health and financial data on customers. They are just as sensitive and confidential. I will give you a preview of what will be required of you in the financial services sector if the legislators share the same view as our compliance officers. Can your CRM system…
- … accommodate future requirements for a granular, multilevel access system where your personnel only get access to customers on a need-to-know basis?
- … block certain fields for users?
- … provide an audit trail and tools to set up alerts when users try to access data they are not entitled to?
- … ensure that customers are “forgotten” when they ask for it?
Or, in short – how compliance-resilient is your CRM-system?