Just before Dave started his new role in data privacy, thieves stole his identity and applied for three credit cards in his name. “It taught me what needs to be done to safeguard customers – and also how not to do it,” says Dave.
“We’re sometimes so focused on the strategies we’re working on that we forget the real risks we’re trying to minimise for our customers, so this was also a lesson in bringing it back to day-to-day life. With that in mind, it becomes easier to communicate the issues and the solutions.”
“15 years ago privacy probably didn’t make it into the top three of a company’s priorities –maybe not even the top 10,” he says. “Now though, privacy and security are right at the top of the agenda. Companies are measured on how well personal data is safeguarded, and it’s especially true in a world opened up by digital banking.”
Dave plays a crucial role in protecting not just our customers and colleagues, but our business and reputation. He points to studies that show customers are loathe to return to a business if they suffer a data breach.
“Being robust isn’t about being aggressive– it’s actually about being strong enough to make the right decisions, being resilient and being able to adapt in a fast-changing world. Our privacy and security are excellent, but just as the external environment is continually changing so are we, continually improving and making it possible to introduce new services and products without increasing risk.”
One of the challenges Dave faces is communicating complicated privacy issues to colleagues and internal stakeholders – only when everyone understands what’s required can there be a truly robust strategy. And security and privacy are certainly complex.
Bringing in a range of stakeholders with different perspectives and then making sure they’re listened to is vital. He strongly believes that when a diverse range of people have a voice, there’s less chance of missing something that could weaken the strategy.
“It’s also important to talk to experts outside NatWest to get a range of opinions about what they’re seeing across the industry and to look at how they’re minimising risk,” he says.
We know that in order to help people, families and businesses thrive, we need to get privacy right and as a result have ongoing Privacy Transformation Programmes covering both GDPR & ePrivacy to ensure we adapt to changes in technology, changes in laws or regulatory guidance etc.
“Championing privacy with all types of stakeholders is essential to ensuring it’s at the heart of everything we stand for,” he adds. “Being robust in our analysis and solutions – and by setting an example – that’s what’s always at the forefront of my mind.
“Whatever our role, robustness means acting with integrity, taking intelligent risks and looking at problems in a way that leads to the best solutions and good decisions. If we’re robust, we don’t get knocked off course. We’re resilient and we stay safe and secure for our customers, colleagues and communities.”