An exclusive report co-published by IAPP and BigID shows that an increasing number of organizations are investing in data rights management resources and strategic efforts — and financial services leads that charge.
The report surveyed more than 475 privacy and IT professionals worldwide — with the second largest group representing the financial sector — on their current data rights practices and future plans to extend those efforts.
83% of Financial Services Orgs Will Invest in Data Rights Management
Global privacy and protection laws increasingly grant individuals the right to access, correct, delete, or otherwise control their data. In response, 70% of companies overall plan to put money behind data rights management — and financial services outpace that norm at 83%.
Fifty-seven (57%) percent of financial services organizations are prioritizing data discovery, inventory, and mapping as an area of future data rights management investment.
Where Financial Services Outpace Organizations Outside the Industry
Regulations like the GDPR and CCPA — as well as industry-specific laws like SOX and GLBA — have prompted financial services companies to prioritize more effective management, transparency, and automation of data rights for their consumers and employees.
An overwhelming seventy (70%) percent of organizations in the financial services sector place request response time as the top measure of their data rights investments’ success. This is a reverse from the overall trend of companies outside of financial services, who more commonly (at 62%) measure success by the number of data access and deletion requests they receive.
Automation in Financial Services
Given its emphasis on response time, it’s no surprise that financial services also paves the way in prioritizing automation.
When looking to the future, nearly half of financial organizations report that the degree of automation (45%) or number of data systems and stores covered (45%) will establish the top metric for their ongoing data rights management programs.
Other industries more commonly plan to measure their programs’ success by benchmarks against industry peers (46%) — with automation coming in second at 37%, and coverage of data systems at 31%.
Manual Processes vs. Automation
With nearly half of organizations processing data rights requests manually by phone, email, or an online portal, automation is critical for companies to achieve consistently timely responses — and fewer than 20% of organizations currently use an automated data rights management tool.
On top of that, manual processes have limited internal resources. Seven out of ten organizations overall have fewer than six employees responsible for data rights management. Financial services organizations come in slightly above this average, with 64% of organizations staffed at fewer than six employees managing data rights.
The Future of Data Rights Management
With 13% of organizations currently receiving more than 1,000 requests per year — mostly in the financial, software, and retail spaces — automation is increasingly crucial for organizations to manage and fulfill access, deletion, opt-out/do not sell requests, and more. And as privacy regulations gain traction, there’s more of a need than ever for automated, efficient data rights management that’s based on comprehensive data discovery.
Find out more about how institutions in the financial sector plan to manage their future data rights in the full research report on The State of Data Rights from the IAPP and BigID.