Compliance = Keeping Promises = Building Trust

Travis Good
June 29, 2020

Today, the business world operates at the speed of trust. The fear associated with storing, processing, and sharing personal data is top of mind for almost every business. Whether because of regulatory risk or reputation risk, every business in the world today is balancing data as both an asset to be leveraged and a liability to be managed. If your company offers products and services to other businesses, it is essential that you build and maintain trust. Trust helps you succeed in leveraging customer data and managing the risk associated with your access and use of customer data.

In the not so distant past, it was enough to just make promises to your customers about how you handle their data. These promises entailed policies and procedures as well as point-in-time security assessments and audits. This has changed.

In 2020, it is not enough to make promises, or simply adopt privacy policies and procedures without executing them across your company. You, and your entire workforce, need to keep these promises by following your policies and procedures. You have to carry your policies through to execution.

SOC 2, HITRUST, and more regular security assessments required by customers and partners have changed this paradigm.

  • SOC 2 Type 2, the new standard in enterprise compliance frameworks, assesses the implementation and effectiveness of your privacy policies and procedures over a defined period of time.
  • HITRUST, as it has updated its scoring mechanisms to meet changing market demands, requires higher performance on the implementation of policies and procedures than ever before. In 2016, as a small to medium-sized company, you could be HITRUST Certified based predominantly on having policies even if many were not implemented, or implemented fully. This is no longer the case.
  • Regular security assessments by customers and partners, sometimes done as often as every quarter, require continual proof of kept promises.

Compliance is how you keep promises to your customers. Compliance is no longer a checkbox activity. Compliance is how you keep and maintain trust. And it is much cheaper to keep promises proactively, to dedicate and budget resources to it, than to try to earn back trust after losing it.

New regulations like GDPR in Europe and CCPA in California have turned almost every industry, especially the software industry, into regulated industries. The odds of needing to comply with a data privacy regulation are extremely high in 2020.

When you comply with a regulation like GDPR, CCPA, SOC 2, PCI, or HIPAA, you are making promises to meet the rules of the regulations. The controls you document in your privacy policies and procedures are your commitments to meeting these controls. Compliance, in the form of internal and external audits and security assessments, is proof that you are keeping those commitments.

Now, as never before, trust is a differentiator. Compliance has traditionally been an isolated function. In 2020, your customer support, success, sales, marketing, and partner teams need to be able to build trust in your brand. All of these groups need to be able to prove that your company is keeping its promises. If not, trust and compliance will become a blocker to customer relationships and growth.

At Haekka, our mission is to elevate trust by connecting the tools you already use to automate workflows and align day-to-day work with company priorities, policies, and procedures, creating constant proof of kept promises that build your brand trust with customers. If you want to elevate trust for your company, contact us today.