In many organizations, business contracts used to focus primarily on security-related requirements and very little on data privacy requirements. Now, nearly every customer request for proposal (RFP) includes very specific and defined privacy and data protection requirements — and this sure is a welcome change.
The new regional privacy laws in the U.S., and broader regulations around the world, that take the privacy of customers’ data a lot more seriously are driving this change. In the past 12 months alone, the progression of U.S. privacy laws have become so common that organizations now have dedicated privacy programs in place to handle a myriad of shifting, state-based requirements.
Recommended:
Corelight Expands Partnership with CrowdStrike to Provide NDR Technology for CrowdStrike Services
As we reflect on Data Privacy Day for 2023 in late January, we acknowledge how this progress is great for the general population since consumers can feel more confident that their information is being properly protected.
The digital age removes the barriers of location
Another reason for people to demand that their privacy and protection be prioritized is how mobile and distributed our society is in this digital age. In the mobility space in particular, forward-thinking transit agencies are leaning on mobile applications to modernize and simplify fare payment options and to reward earning capabilities for riders. With consumer payment data cycling through these applications, it is essential that transit agencies and the technology providers involved protect that information to prevent potential fraud.
Rewards programs through transit mobile applications offer a unique challenge in that the riders have to relinquish some of their data to realize benefits or perks offered for their travel experience. For instance, if riders use a mobility app, they may have access to real-time incentives, fare discounts, and loyalty rewards that can result in a smoother transit journey, discounts on goods or even money to use towards future trips.
Caring for the customer, earning their trust
To maintain rider trust, we recommend that organizations handling rider data refine their focus on threat analysis across every part of the business, to detect and mitigate security events rapidly. Often, transit agencies are working with several technology partners to keep fare payment systems and rider apps operational. Thus, supply chain security is a key area of focus on Data Privacy Day and beyond, to help transit agencies and their partners keep data secure.
On the flip side, innovation and competitiveness is often not possible without essential concessions for sharing data sources with outside organizations. As long as these organizations still put the protection of staff, partner and user data first through agility, threat analysis and mitigation and supply chain security measures, these efforts can yield very successful and advantageous results to the rider experience.
There’s no question that data privacy is critical to success for the agencies and technology providers that handle rider data. In most cases, and certainly in ours, the commitment to providing a superior customer experience will inform all decisions and efforts that create a secure and seamless payment process for the transit user.
CIO News: Applied Insight Announces Strategic Collaboration with AWS
