Privacy and Security Tips for FinTech Companies
Tips for FinTech Companies
Many Fintech companies gather and process large volumes of data to provide financial services reliably, inexpensively, and quickly. According to Alan Safahi of Orinda, Contra Costa, a leading entrepreneur and founder of a startup in San Francisco, much of this data contains sensitive information, such as:
● Date of birth
● Bank account details
● Social insurance number
● Credit score details
● Banking credentials
Alan Safahi of Orinda, Contra Costa says the sheer volume of data increases its sensitivity because Fintech companies can generate a complete and detailed picture of a person. That’s why data security and privacy compliance with applicable legislation is critical. Here are a few privacy and security tips for Fintechs. Read on!
Build Privacy Protective Controls
A data breach is equally devastating for young and experienced Fintech companies. It creates harmful effects on investors’ confidence and customers’ trust. Therefore, Safahi recommends Fintech companies take data security and privacy seriously.
Most Fintech companies have the resources to create privacy-protective controls and establish security safeguards into the developing technology. Fintech companies can also introduce or fit these controls into existing systems and processes.
Develop Information Governance Programs
Fintech companies make developments and commercialization at a rapid pace, leading to various complications. For instance, many companies find it challenging to collect and process personal information before developing and implementing privacy and security frameworks.
Consequently, this creates substantial risks from a security and privacy perspective. Therefore, Safahi suggests companies of all sizes develop and operationalize information governance programs. The purpose is to streamline personal data collection and processing.
Limit Retention of Personal Information
According to Alan Safahi, personal information in the U.S refers to data or info that is not subject to jurisdictions and regulations. However, it must align with U.S privacy laws. Remember, this raises a wide range of challenges for Fintech companies, especially with data retention.
According to U.S law, Fintech companies can only retain personal information as long as it is necessary to fulfill a specific purpose. So, it is crucial to destroy, erase, or anonymize personal information no longer required by the organization.
Fintech business models usually rely on actionable insights from large volumes of data. So, it is not commercially practical to destroy data after providing a service to a customer. Safahi says Fintech companies can turn to anonymization instead of destroying the data.
However, Safahi warns Fintech companies that information is no longer “personal” to be truly anonymous. For example, replacing direct identifiers, such as names, addresses, and financial data elements with unique codes may not result in accurate anonymization. Therefore, it is wise to create a balance between anonymization and data retention.
Overcome Jurisdictive Challenges
Most Fintech companies face privacy problems when expanding their services from one jurisdiction to another. It is because each country has its own data privacy and protection rules. For instance, when launching in the U.K., many U.S offerings require modifications to account for the U.K.’s broad definition of personal information.
Therefore, it is crucial to overcome jurisdictive challenges when expanding your products or services. Because data about a person’s offline and online behavior tracked to a unique identifier (a device I.D. or I.P. address) is personal information in the U.S, U.K., and Canada. However, the rules of privacy vary from country to country.
Understanding the laws and implementing them accordingly can help you overcome challenges related to jurisdictions. That way, you can maintain the security of your customers’ private information. Until Next Time!
Alan Safahi is a serial entrepreneur with 30+ years of experience in the information technology, telecommunications and FinTech segments.
About the Creator
Alan Safahi Orinda CA
Alan Safahi is an Iranian-American entrepreneur and six-time startup founder with over 30 years’ experience in the information technology, telecommunications and financial services industries.
There are no comments for this story
Be the first to respond and start the conversation.