Milwaukee, WI · Washington, DC · Boston, MA

  1. Crisis Mode
  2. Data Security Measures
    1. Preparing For The Inevitable
      1. Building a Data Breach Plan
        1. Planning for the Initial Response/Investigation
          1. Social Engineering
          2. Develop an Investigation Plan
          3. Involve Appropriate Company Resources
        2. Building a Notification Plan
          1. Understanding The Laws
            1. State Laws
          2. Who Must Be Notified?
          3. How Will Notifications Be Completed?
        3. Media Issues
          1. Media Plan
          2. Dealing With The Media
        4. Government Agency Issues
          1. Creating a Government Response Plan
          2. Dealing With Government Inquiries
          3. Developing Relationships
        5. Customer/Consumer Issues
          1. Customer Retention Plan
          2. Customer Response Plan
        6. Building Relationships with Vendors/Suppliers
      2. Implementing a Data Breach Plan
        1. Coordinating among Company Departments
        2. The Role of Legal Counsel
      3. Testing a Data Breach Plan
        1. Assessing the Plan
        2. Mock Exercises
        3. Alter/Update as Needed
      4. Assessing Your Data Breach Vulnerabilities
        1. Catalog Your Personal Information
        2. Developing a Company Training Process
        3. Understanding Privacy Promises
        4. Preparing for the Unexpected
        5. Assessments/Audits
        6. Establishing a Point of Responsibility
        7. The Role of Legal Counsel

Customer Retention Plan

Your customers rely on you to provide the highest quality service or products. They also rely on you to handle their personal information appropriately. A data breach could drive customers away for good.

A recent study on the effects of data breaches on customers found that nearly 20% of customers terminated their relationship with the company that improperly disclosed their data. Another 40% considered taking their business elsewhere. You cannot afford this breakdown in customer confidence following a data breach.

It is not impossible to maintain or restore customer confidence. In fact, the task is not as daunting as it sounds. A properly prepared and implemented Customer Retention Plan can assist in keeping customer confidence and future business. Remember the following points when crafting your plan.

Leave lines of communication open. Silence may be taken by customers as apathy to their situation or, worse, a tacit admission that your organization did not care about protecting data under your control. You must provide some avenue of communication to allow customers to ask questions or just vent their frustrations.

Don't ignore or trivialize the customers' concerns. Although you may believe that the risk of identity fraud is fairly remote for any given breach, your customers won't see it that way. In fact, they may agonize over the situation, and they may be looking for someone to blame. Although the data thief is the one who should shoulder all of the blame, that person is unknown, and likely will remain that way. Your organization, on the other hand, stands as a perfect target for customer rage. You must therefore defuse the situation by empathizing with their anger and resentment.

Keep your message consistent. Whether you have one person dedicated to fielding customer calls and complaints or a team of customer representatives, you must ensure that every customer is being told the same thing. Scripted talking points may help keep every person in your organization on the same page.

Consider offering identity fraud protection assistance. Customers may appreciate, and perhaps even expect, credit fraud protection for a certain period of time. Offering these services can be made to show that your organization is committed to the protection of a customer's name and credit, despite the fact that your organization suffered a breach in the first place.

Identity fraud protection assistance is just one tool in a menu of services or products that could be provided to alleviate customer frustration. You know your customers best. Consider creative ways of providing assurance to them and maintaining the customer relationship.

Customer interacting and involvement is the key. Customers will appreciate the extra steps you take to hear their concerns. Continuing commitment to your customers following a data breach can only help maintain and restore that all-important customer confidence.