Consumer concern grows over what happens to their data when they die

The latest figures from the ICO reveal that consumers are becoming increasingly concerned by inaccurate data held on them by organisations. Last year it was the third highest complaint made behind queries on subject access and disclosure of data. Excessive/relevant data and retention of data also made the top 10; all racking up more queries than the previous year.

It is fair to say that the figure could be skewed as a result of consumers’ increasing awareness and understanding of the value of their data and indeed a growing awareness of the ICO and its role in data protection. Hence more people than ever before are flagging their concerns with the regulator. But skewed figures or not, what this shows is that customers are not just worried about data security they are actively concerned about what happens to their data. And rightly so. A person’s personal information is akin to an asset and remains owned by that person no matter if they share it with someone else.

Much like we would want to know what happens to our savings if we invested them into a stock portfolio, consumers want to know what is happening to their data; particularly if they stop being a customer of an organisation or if the worst was to happen and they pass away. Many organisations fail to remove such data from their customer databases in these instances. With the onset of GDPR from the end of May next year consumers are going to have more control over their data and will have a right to understand exactly what organisations do with it and how long they keep it. Under Article 5 of the new directive businesses, public sector and charities will be required to keep their databases up to date including removing irrelevant records (such as deceased ones) as soon as possible. Data hygiene will therefore not just be a concern for consumers, but will be for organisations, too.