This week the BBC News reported “40 million T-Mobile customers hit by US data breach”; this follows their 15m customers affected by a security breach in 2015. Online data theft is becoming all-too-common, and one wonders if we risk becoming complacent by this ever-common threat to the safety of our personal data. Remember Facebook, BA? The list goes on…
Perhaps I’m over cautious, but if like me you shred all letters with your name and address before binning and you refuse to put your dog’s name on a dog tag (here Rover, I know your name, I must be a friend, come with me), then any reassurance of “don’t worry your financial data has not been compromised, only your personal data has” is of scant importance.
The Data Protection Act 2018 controls how our personal information is used by organisations and is the UK’s implementation of the General Data Protection Regulation (GDPR). It’s a good step forward and aims to protect our data; eye-watering fines are levied for any serious and persistent breach. All well and good you may say. However, for those whose personal information has been stolen, and in the all-too-common scenario of subsequent identity theft, there is little solace in the company responsible receiving a fine, whilst the affected individuals try to re-build their financial lives, clear their names, and attempt to reset their credit score, which is crucial to maintain any kind of future lifestyle.
This, of course, is at the heart of Social Value – having that corporate social conscience that not only considers data protection from a legislative point of view, or even an acceptable level of ‘collateral damage’ point of view, (i.e. how much is covered by insurances, how much damage can we afford to sustain); we need to understand how our cyber security investment decisions are affecting individuals, as well as the commitment we should have to our customers.
The protection of personal data across a corporate’s infrastructure is a vast topic; from protecting corporate mobile devices, to securing network devices, securing data both at rest and in transit, preventing the loss of data, ensuring data integrity, cyber training and user awareness training – it can be a minefield of potential solutions, cost and risks. What’s the budget? How much should the budget be? Should I get best in class or best to purely mitigate our risk? What is our risk? How do we quantify priority of solutions? How do we justify both approach and cost?
Business Justification planning typically allows for assessment of future investment options on a financial basis; if we spend £x here, will we see that money coming back in profit? Is it a good financial decision? The Data Protection Act, and the heightened activity of GDPR, threw another measure into the mix – will our planned future investment protect our company from ICO investigations and fines, will it protect our brand?
Considering Social Value we also need to be considering and measuring how we are impacting society / customers / environment / our community with our strategy and investment decisions – is that impact positive? From research, an organisation may already know that what they’re doing is valuable to society, yet to demonstrate the value created, effective measurement tools for the different elements need to be established. It’s a reality that organisations need to measure and report on all aspects of their operations, with a growing and strengthening emphasis on transparency.
Some elements can seem tough to measure, yet with the right tools anything can be monitored, measured and reported. Accordant’s bespoke AccSL® suite of software, which encompasses AccSL® Finance (Cost Benefit Analysis), AccSL® Carbon and AccSL® Social modules, allows us to capture and analyse the three pillars of People, Planet and Prosperity quickly and address the challenge – skills, time, depth of analysis and reporting – in a single pane of glass.
With an increasing number of organisations and customers considering Social Value credentials as a significant part of their buying decision, this is an area of interest which is only going to grow. Wherever your organisation is on its Social Value journey, we would be delighted to demonstrate how Accordant could partner with you to bring added value to both your organisation and your wider stakeholders.