Companies in highly regulated industries have to be extra vigilant and protective to ensure compliance. For these industries, there is an even greater need to consider how lead data is managed in business systems such as Adobe Marketo Engage and other marketing automation platforms (MAPs).
Considering Industry-Specific Compliance Requirements
Highly regulated industries are those which face additional scrutiny and have more specific compliance rules to follow. In the United States, these include healthcare, pharmaceuticals and financial services, though there are many other industries that are also closely regulated. As an example of industry-specific rules, healthcare is subject to the Health Insurance Portability and Accountability Act (HIPAA), which protects medical records and related personal health data.
In the effort to provide more relevant, personalized experiences for prospects and customers, companies rely on increased levels of data about individuals. Businesses need to consider the balance between data-driven experiences and being mindful of compliance.
The primary incentive to address proper management of lead data is to avoid risk. Failing to comply with industry-specific regulations can lead to large fines and potential imprisonment, so it’s a big deal and can have huge impacts on the company.
Secondarily – but also important – protecting customer data will help maintain a good relationship with them and build brand loyalty. People will be more likely to do business with organizations they trust. If that trust is broken, it can be difficult to recover. This is relevant for any business, not just those in highly regulated industries.
Building a Foundation of Trust
MOPs practitioners should consider compliance concerns at time of MAP implementation to avoid introducing risky practices. Untangling processes after they’ve been in place and trying to protect data after it’s already been surfaced can be a challenge.
Reducing Exposure of Sensitive Data
Marketo Engage is HIPAA ready, for example, but that doesn’t mean that no actions are required from administrators. There are a few ways that lead data can be protected when using Marketo Engage, starting with which data is entered in the database. Never put super-sensitive data such as social security numbers or credit card information in Marketo Engage. Limit personally identifiable information (PII) and protected categories of data to only those data points that are critical for marketing purposes.
For data points that are necessary to store in the database for marketing use, there are options to limit potential exposure. In the May 2021 release, Marketo Engage added the ability to mark a field as sensitive in Admin > Field Management. When this setting is selected, the field will never pre-fill on forms even if other fields are eligible to pre-fill. This will avoid accidentally exposing the value to someone else in the vicinity or working on the same computer. When personalizing email content, avoid using sensitive data as-is in tokens. Consider an alternate field with masked values to reduce the risk should the email account be compromised.
If leveraging sensitive data for targeted communications, consider using a customer data platform (CDP) such as Adobe Real-Time-CDP to create the audiences so the raw data itself never has to enter the MAP. Also built on the foundation of Adobe Experience Platform is the Privacy Service, which allows teams to manage customers’ data access and deletion requests to maintain compliance with relevant data privacy regulations.
Developing a center of excellence with compliant templates and a standardized work process can provide a foundation for the necessary checks. The QA process, for example, should always include a messaging compliance review to make sure lead data is used appropriately in communications, as well as any disclaimers or other labeling requirements are in place before an email is deployed.
Legal Expertise Required
It’s critical to work with legal counsel to ensure Marketo Engage configurations, plans and processes cover all aspects of relevant industry regulations. A cross-departmental governance team may be established to conduct the marketing workflow compliance reviews.
MOPs teams in highly regulated industries face additional scrutiny, but that doesn’t hinder the ability to personalize experiences. Following practical steps in Marketo Engage configuration and processes can limit risk while maintaining best-in-class marketing.