Half of consumers say it’s an organisation’s responsibility to protect their personal data

51% of British adults think it’s an organisation’s responsibility to protect their personal data from online theft and only 9% believe it’s their own – that’s according to our research carried out with the help of ComRes. Among other factors, our investigation looked at consumer attitudes and expectations of businesses in the event of a data breach.

The UK government’s ‘Cyber security breaches survey 2017’ adds other factors to the mix: businesses that hold electronic personal data on customers are more likely to have had breaches (51% versus 46%). The same survey also finds that organisations face considerable financial costs from breaches, not just in terms of recovery and repair, but also the long-term damage to the business’ reputation among customers and investors.

There can be little doubt then, that not only are consumers increasingly putting the onus on businesses to keep their personal data safe, but that the reputational repercussions of a breach can cost a company dearly.

While it can seem like panic stations when a breach happens, putting the customer first – is a priority. With a staggering 85% of consumers we surveyed saying they expected to be notified within 24 hours of a breach, every action you take can affect trust and confidence in your business. And that’s a dangerous situation for any organisation to be in.

A look at what our research has shown about customer expectations in the event of a data breach, may shed some light on the measures you should include in your response plan to avoid trust being broken.

What customers expect you to do following a data breach:

  • 59%: advice & support on what to do
  • 50%: financial compensation
  • 50%: pursuing those responsible
  • 37%: web monitoring
  • 31%: credit monitoring

Another finding that stands out is that among those who would be discouraged from using an organisation’s services following a breach, more than half (53%) say taking increased security measures to protect their data in the future could redeem their trust. While 40% believe prompt and transparent communication is key.

With this in mind, we advise that your data breach response plan includes customer services, whereby a third party will create a dedicated team of frontline experts to speak to concerned customers allowing your own staff to continue with important business as usual activity. This means your customers are informed, not left in the dark – and takes the pressure off you, as you deal with the recovery.

A data breach can take a heavy toll on any organisation. But with an increased public awareness of data breaches, ensuring customer loyalty is more important – and harder -than ever. We would say that a response plan that doesn’t put communication and safeguarding interests of your customers above everything else, may be putting your business in jeopardy if a data breach occurs.


Find out more about how Experian help organisations put readiness plans in place so they can know, prepare, and recover with confidence in the event of a data breach.

Read our whitepaper: Readiness vs The Reality

ComRes: BUSINESS SURVEY ComRes interviewed 200 Business IT decision-makers in Great Britain (Online) between 9th – 16th January 2017. Respondents were surveyed across a variety of sectors and business sizes, ensuring good representation from all business types. All were screened to ensure they were involved in or aware of data breach management at their organisation, and all organisations had to be responsible for at least 100 Personally Identfiable Information (PII) records. Given the subject of the survey, respondents in the IT and Financial sectors are over-represented. ComRes also conducted similar research in 2016 with SMEs.

CONSUMER SURVEY ComRes interviewed 2,001 British adults online between 13th and 15th January 2017. Data was weighted by age, gender, region and social grade to be representative of all British adults aged 18+. ComRes also conducted similar research among British adults in 2016 and 2015. ComRes is a member of the British Polling Council and abides by its rules. Data tables are available on the ComRes website, www.comresglobal.com.

This article is about: consumer data, cyber security, data breach, data quality, gd, GDPR, Response plan