Sherri Adame, Chief Customer and Reference Data Governance Officer, Cigna
Enterprise Metadata & Master Data Leader (views expressed are her own)
According to many dictionaries a ‘rally cry’ is a something that unites people in support of an idea. I wonder if our society hears the rally cry from its data. We have witnessed so many data mismanagement events this year. From social media, to credit bureaus, to restaurants, to hotels, it’s clear our data is not safe. Our personal data has given its rally cry to be protected and governed.
I have heard the cry and responded. I made up a pattern that includes letters, numbers, and special characters for passwords that I can easily change. I now change my personal passwords at the same frequency I am required to change my corporate password at my place of employment. I have made up an alter ego that is of a different age and is sexless. I no longer supply my actual first or last name, ordate of birth to retail, rebate, loyalty, and specialty websites. I own that and unless a service or process is going to provide me a payment for my information I will not freely share it anymore. If I cannot trust organizations to protect me, I will do everything I can to protect myself.
How many other individuals have heard the rally cry and are taking similar actions? We cannot be sure. I think it is time for the people to take ownership of their data. As the industry shifts and flexes based on these developments, we are all witness to data monetization gaining ground. I think 2019 will be the year of the individual. People are recognizing the importance of protecting their data and data monetization is shifting to be the advantage of the individual.
Technology is pushing things in that direction. The disintermediation of blockchain begins to imply that individuals can ensure that their personal information is secure and accessible only when they define a preference for it to be shared. It’s the first time the user can help ensure that their online habits are kept from prying eyes.
Corporate leaders need to understand the basics of internet connection, encryption and system logs
As society shifts and flexes our 15-20 year olds are learning how to use social media responsibly and witness first-hand the implications of bad data as they watch their friends and family suffer consequences from social media interactions. They are also learning how to block certain people they don’t like from seeing their interactions. Teens are teaching each other how to hide messages, interactions, their location and other life details from anyone in a position of authority over them. It is becoming an intrinsic part of their life that they can control their technology to show or hide their actions as they please. I hope we see the dawn of data protection classes in high schools in the next 3-5 years.
I also see the rally cry to CEOs to know more about data and how to protect it. With so many companies now being driven by data there is a requirement for boards of directors and CEOs to be able to ask the right questions on behalf of their customers. A high level understanding of technical infrastructure is must. Corporate leaders need to understand the basics of internet connection, encryption and system logs. Cyber security is fast becoming a CEOs responsibility as witnessed by coverage of the hacks to airline and ticket selling data. The board of directors should have a line of sight to the enterprise data governance program to ensure that data quality is sound across the enterprise otherwise investment in AI, machine learning, and analytics will produce ‘bad’ results.
Finally in 2018 we have seen a change on the legal front. California has passed the California Consumer Privacy Act of 2018. This is an amazing act. The Act gives “consumers” (defined as natural persons who are California residents) four basic rights in relation to their personal information:
1. The right to know what personal information a business has collected about them, where it was sourced from, what it is being used for, whether it is being disclosed or sold, and to whom it is being disclosed or sold;
2. The right to “opt out” of allowing a business to sell their personal information to third parties (or, for consumers who are under 16 years old, the right not to have their personal information sold absent their, or their parent’s, opt-in);
3. The right to have a business delete their personal information, with some exceptions; and
4. The right to receive equal service and pricing from a business, even if they exercise their privacy rights under the Act.
To me, this is solid step in the right direction. A person should be able to ask what data do you store about me and be able to say stop storing my data you no longer have that privilege.
I can’t wait to see how corporations and the general public respond to the rally cry from their data in 2019. Is 2019 the year you can subscribe to a platform that allows you to exercise you’re in alienable rights on your personal data and profit from your data’s uses. I hope so.