Humans love to collect things. Usually, these collections are innocent—stamps, coins, mugs, and what have you. But in the corporate world, the most prevalent kind of collecting—data hoarding—is far from innocent and can leave your company vulnerable to data breaches, fines, or worse.
Data hoarding means collecting files and/or information and storing them indefinitely. In most businesses, that means continually collecting new customer information and shuttling it into your data stores right away. Marketers might instinctively try to do this so they have a constant stream of information. However, from a privacy compliance perspective, data hoarding is a terrible idea. Let’s look at a few reasons why.
The more data you have, the harder it is to keep track of it all and manage it effectively. Worse, it’s also harder to protect. After all, most security programs or practices aren’t intended to cover a massive and constantly growing data collection. If a data breach compromises your company, all of that data is suddenly at risk.
Many privacy laws include provisions for customer consent to expire. If the customer doesn’t renew their interest, you’re no longer allowed to use or retain their data. And even without legally mandated expiration dates, customers will occasionally unsubscribe or request not to be contacted anymore. Expired data in your hoard can open you up to fines if you accidentally continue to use it after consent has expired or been withdrawn. And of course, if this expired data is stolen during a breach, then the customer is exposed to risks because you didn’t comply with their request to remove their data.
The bigger a data hoard becomes, the harder it is to manage it overall. This includes user access. And if the collected data is disorganized, as it often is, things get even more complicated. Let’s say User A is allowed to access names and phone numbers, but not emails, while User B is allowed to access all three. These distinctions are hard to make when the data is all thrown haphazardly into a hard drive.
It’s also possible that your resident data hoarder is collecting information they shouldn’t have access to. This, of course, leads to a whole different set of privacy and security risks.
If a customer wants to see, edit, or remove their data from your systems, you need to be able to find and process their data quickly. Finding the right data in a massive, disorganized data hoard is the opposite of fast. On top of that, you have to make sure you find ALL the relevant data on that customer, no matter how old or obscure it may be, including any potential duplicates. This could lead to missed deadlines and decreased customer satisfaction, not to mention damage to your company’s reputation. It can also cause DSAR costs to pile up as you have to share larger and larger amounts of data with users.
One common theme emerges in the data hoarding discussion: company efficiency. Navigating and managing your data hoard requires time, energy, money, and manpower that you simply can’t afford long-term. Your efficiency will be hindered by problems such as:
So, what’s the solution to your data hoarding problem?
First of all, clean out your data stores periodically. Remove data that you know is wrong or that hasn’t been touched in a long time. If you don’t use it, lose it.
Second, keep track of the files you do regularly use as well as how often you use them. This will give you a clear picture of what you can safely delete.
Third, don’t buy more storage space than you realistically need. The temptation to fill excess space with hoarded data is real. Not only will cutting down on storage discourage data hoarding, but it can also save you money on storage equipment or cloud subscriptions.
Fourth, practice data minimization. Collect only the data you need, when you need it, and train your employees accordingly.
And finally: don’t worry that cleaning your data hoard will cost you contacts. The whole point of data cleansing is to get rid of “junk data” that’s just taking up room. Focusing on the customers who actually make you money will yield far better results than dividing your attention among many inactive contacts.
Data hoarding is a serious problem for privacy-conscious companies, but it doesn’t have to be your business’s downfall. Clean out your data hoard and put measures in place to ensure it doesn’t begin to balloon again. With a few changes in habit, you’ll reduce your risk of privacy violations or security breaches.