The Profits in Customer Privacy
“That’s the real benefit of this,” says Charles Giordano, associate director of privacy marketing strategy at Bell Canada and former associate director of data governance and strategy. “Opt-in and other privacy controls force you to look at the business value rather than just accessing customer information for information’s sake.”
Bell Canada and other privacy pioneers also give customers access to their personal data and closely monitor which employees have access to that data. They and other experts also say privacy must be ingrained in the corporate culture, which includes nonstop education, making it a part of employee performance reviews and enforcing meaningful punishments for not adhering to privacy policies.
“Times have changed,” says Alan Westin, head of Privacy & American Business. “If you are the CIO, you have to go to the boss and say, ‘It isn’t like the old days. Unless we spend more money and more time on data security, our customer trust and reputation can go down the toilet.’”
Protecting Customer Data: A Cost/Benefit Analysis
Privacy policies that strictly protect customers’ personal data may seem draconian, almost a noose around companies that rely on mining their customer data to better target new products and services, or that make a few bucks by selling lists to other companies. But good privacy policies are not dams. They are more like finely tuned control valves that direct the flow of information where customers, along with company executives, want it to flow for the best outcome.
That’s why good privacy practitioners follow the first rule of valuing the information they have—figuring out what the information is worth to them in helping meet specific goals, be it better health or more revenue—versus protecting that information so that others cannot view or abuse it. That’s the balancing act John Glaser, CIO at Partners HealthCare System in Boston, faced when developing the health-care organization’s intranet. All health-care providers who have privileges at Partners’ eight hospitals and medical centers, along with the administrative and clinical staffs (37,000 in all), have access to the intranet to check on the electronic medical records of patients. Glaser knew the intranet must protect patients’ records from unauthorized users, as well as from health-care providers who should not be looking at the records, but he also knew the records had to be easily accessed and immediately available so that doctors and other health-care providers could administer the best care in an emergency.
As a result of that value analysis, Partners’ intranet does not have a complicated identity management application that controls access to patient records. When a health-care provider or administrator signs onto the intranet to check a patient’s health record, the user must provide her name and relationship to the patient, whether she is the patient’s personal physician, attending nurse or lab technician. The system allows access only to those health-care providers who have a working relationship with Partners. However, there is no electronic means to verify the provider’s identity through a password or some other second-factor identification.