Wells Fargo's Statement Snafu, Or Why PIDM Isn't Just About Digital

This week, some Wells Fargo customers in South Carolina and Florida got a nasty surprise. Turns out, a "malfunctioning printer" printed multiple customers' account information (including transactions and, in some cases, Social Security numbers) on the pages of other customers' statements. 

The number of customers affected hasn't been made public -- a real misstep in my opinion, and one which renders Wells Fargo's public apology rather hollow sounding. Remember: Transparency is a key factor in gaining consumer trust in the era of personal identity management.

Aside from the bank's public handling of the matter, though, there's another important issue. Too often, when organizations talk to us about security and privacy, they're focused on digital data. But the truth is, there is plenty of analog data that follows individuals around, from in-store transactions and personal trainer visits to, yup, mailed bank statements. It's not enough for firms to spend millions of dollars protecting consumers' digital footprints if they're not also thinking about both inbound and outbound uses of offline data. 

Does your organization have discipline and governance around the way offline data is captured, managed, and disseminated?

Categories: