When privacy policies bite back – Learning from the Radio Shack case

PUBLISHED May 29, 2015 IN Online Marketing

WRITTEN BY Myah Shein

When privacy policies bite back – Learning from the Radio Shack case image

“We will not sell or rent your personally identifiable information to anyone at any time.” (source)

Sounds good, right?   And they meant it when they said it… until that didn’t suit their needs anymore.

Radio Shack, finally taking its last breath, is in the process of selling off its assets in bankruptcy.  One of its more valuable assets, if the courts rule in its favor, is the customer database built over decades.  But there’s one problem.  Radio Shack all along promised it wouldn’t share the information entrusted to it by customers.

So how does this apply to your professional services firm?

Obviously, you have a lot of personal client information that you are obligated to keep private.   And you’re keeping it all safe, surely.  No problem – for now.

While no one plans to go bankrupt, it does happen – just ask Radio Shack.  And you may not be considering a merger, but mergers are trending up.  On a more daily note, CPA firms get requests from clients to send tax returns or financial statements to bankers or investment managers.   Insurance brokers send and receive aggregate or individual medical documents which may trigger HIPPA compliance issues.  All of this is considered confidential by state/federal law or standards of the profession.

According to Ralph G. Picardi, Esq. of Picardi LLC, an attorney who specializes in CPA firm risk management, these events (bankruptcy, mergers, bank requests, etc) all fall under the same category.  Firms must receive prior written consent before sharing client information with third parties.

Now you’re thinking, OK Alison but stick to marketing…. OK!  Have you considered this??

Like Radio Shack, your firm collects personal information on your website from the “newsletter signup” button and through your Google Analytics (to a varying degree depending on your settings).  What does your privacy policy page say about your usage of this information?  I recently signed up for a CPA firm newsletter that has this privacy statement “Privacy is important to us; therefore, we will not sell, rent, or give your name or address to anyone.”  In the event of a merger or even a joint seminar, this firm should receive prior written consent before sending any further emails.  Seems like more trouble than its worth when there’s another way…

Louise Leduc Kennedy, Founding Attorney at West Hill Technology Counsel, advises that “A well-drafted (not plagiarized) privacy policy can help you create trust with customers and newsletter subscribers who understand how you will and will not use their personal information.  And later, and if/when you are looking to sell your firm, you will be able to transfer the customer and subscriber lists that are an important asset of your business and reap the benefits of all your hard work.”

Summer is a great time to tackle non-time sensitive issue like privacy policies and best practices for sharing client data.  It sure beats a phone call with your professional liability insurance firm or your malpractice attorney!