Right now, simplifying and protecting data collection and management systems is more important than ever before. With the GDPR deadline behind us and moves afoot to introduce similar protection policies in the US, businesses have to take a close look at how they collect, store and protect sensitive personally identifiable information (PII). Typically PII is:
- racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership
- genetic or biometric data processed to uniquely identify someone
- data concerning health or sex life/sexual orientation
If your business stores this type of data, you will need a legally defendable reason for keeping and using it.
Article 25 of GDPR talks about "data protection by design and default". In other words, embedding data protection into your daily business activities. This is a huge topic that cannot be solved in this article, but clearly you need to start by collecting only the absolute minimum of PII you need.
Your lead pipeline is likely to be the first collection point for PII. Don't worry about collecting browsing analytics from anonymous visitors but do think about what form fields you are asking them to complete - collecting unnecessary data exposes your business to risk. Forms that collect PII must get explicit consent from the visitor to store the data in your system.
So where do you save the data and how do you control access? To meet GDPR requirements, restricting access to PII data by authentication alone is not sufficient; you must also ensure each user has the correct level of access to the data. This requires a storage system with these capabilities.
You should add the new lead to a secure CRM like Salesforce, but you should not do this by synchronizing the data with your website database. Why? Because the synced data would then exist in two different systems and introduce the following problems:
- The PII needs to be secured in two places
- The PII is exposed to a wider user group than necessary
- CRM users cannot be sure the PII is up-to-date and complete
- Additional synchronization complexity is required:
  - Create/update decisions to prevent duplicates
  - Delete decisions to remove redundant records from both systems
- Backup and restore complexity
Above and beyond this, for practicality, staff should go to one place to find all the information they need about a lead or customer. A CRM is an obvious choice for your single source of data and, of course, CRMs like Salesforce have the ability to restrict and control access to PII data at a very granular level.
At FuseIT, our expertise is in integrating Sitecore with Salesforce where the CRM (Salesforce) is the single source of data. At a very high level, Sitecore serves website content and forms, and Salesforce handles the processing and storage of data. Both systems have features that support the secure storage of PII including Sitecore configuration support, and PII encryption in Salesforce with Salesforce Shield.
If you have questions please feel free to contact us at firstname.lastname@example.org.