I think we can all agree that the best way to tackle a puzzle is to start with the edges. But as we all know, even when the border is finished, there’s still a ways to go before the picture is complete.
We’ve talked in the past about the importance direct marketing service providers need to place on security practices. With customers and data coming from highly regulated industries, we’ve found standards such as ISO 27001, PCI DSS and HIPAA provide invaluable corner pieces when assembling the security management puzzle. But as important as those pieces are, the picture isn’t complete without understanding and integrating the needs of the stakeholders driving this need—our customers.
Strong Security Practices are a Shared Goal
When it comes to security practices, we’re all in this together. That’s why it’s important for customers and providers to communicate concerns and requirements with each other to ensure each party’s needs are addressed. Making security part of the business conversation is an essential part of making security part of a company culture.
We know the security demands placed upon industries such as healthcare, finance and insurance also extend to vendors of those industries. In order to foster strong relationships with customers, direct marketing providers must strive to continuously demonstrate that they take security just as seriously as their clients. Whether it’s adherence to compliance standards (like ISO, PCI, HIPAA, etc.), specialized training (in areas such as fraud, waste and abuse, code of ethics, etc.) or policy language, providers need to integrate these requirements into their own processes, making them an essential part of their governance, risk and compliance programs.
A Culture of Security
At IWCO Direct, that process starts from the first day of employment, when new employees receive security awareness and critical compliance training, including materials directly from our customers. From there, our internal security requirements are seamlessly integrated with those of our clients into our Employee Guidebook, data security policies and everyday procedures. We continue to build security awareness into our company culture with ongoing communication across the organization through channels such as our company newsletter and security flyers.
We make sure that our employees understand that security is part of everyone’s job, and that in order for that job to be done right, discipline and diligence are required at all times. It’s a lot of work, but it’s a lot of important work.
If you’d like to learn more about security practices in the direct marketing industry or how we manage security at IWCO Direct, feel free to contact us. We’d be happy to help you add some pieces to the puzzle.
Subscribe to SpeakingDIRECT to have new articles delivered to your inbox as they post. We promise to keep it fresh and interesting.