Is your deceased suppression strategy GDPR compliant?

If you regularly screen your data using a deceased suppression file you would expect to have clean and accurate data. However, you may be surprised to discover you could still have significant numbers of deceased customers in your database, leaving you at risk of non-compliance.

Unfortunately, it’s a common problem. Misconceptions about suppression files mean many data managers are completely unaware that solutions they have been using for years are failing to suppress all their deceased data. What’s more, because they believe they’re working the problem often goes undiscovered for many years.

Over time this results in large numbers of undetected deceased records and inaccurate non-compliant data. With GDPR being implemented since May 2016 the consequences could be serious and far reaching. So how can companies make sure their strategy doesn’t fall short of the standards required?

Here, we dispel some common misconceptions and offer guidance on what every data manager needs to know about deceased suppression.

You don’t need to evaluate your deceased suppression strategy

You do.

Firstly, keeping personal data accurate and up-to-date, and deleting or rectifying inaccurate data, is a compliance requirement, not a nice to have. A lack of awareness of how your suppression strategy is performing is unlikely to be accepted as an adequate excuse for holding inaccurate data. For more information on the rules and standards set out by GDPR download the ICO’s overview.

Secondly, the suppression market has evolved, products have changed. If you’ve been using the same file for several years it may contain very different data today, then when it was first licensed. And that may mean it’s no longer effectively removing your deceased customer data.

We recommend you evaluate your strategy at least once every three years. It’s a simple process and provides assurance that your solution is still fit for purpose and remains compliant.

If you use a bureau to manage your data suppression most will be happy to audit your data free of charge, and share the results so any ‘gaps’ in strategy can be addressed.

KEY TAKE-OUT: Evaluate your suppression strategy at least once every three years to ensure it’s working effectively and your data remains compliant. When using a bureau, make sure you understand any suppression strategy decisions they make on your behalf and the reasons for making them.  Question them if you don’t understand as it’s your responsibility to explain your data suppression strategy under GDPR.

 

If you are using a deceased suppression file your customer data is compliant

Whilst this may be true, the only way to be certain is to evaluate all the suppression files in the market and implement a solution that is accurately removing all your deceased data. There are two important questions to ask:

  1. Is your solution removing all your deceased data?
    Are you certain that the solution you are using is the ‘right’ one for your data? It’s important to understand how each of the market suppression files performs before deciding.  Relying on a single suppression file rarely identifies all known deceased.
  1. Can you trust that the data is accurate and reliable?
    Does the suppression data have a strong provenance? You need to understand how the data is sourced and verified: How many sources and types of data have been used to create the file? How have they been collected? Is the data derived or volunteered?  How has the data been verified? Verification is critical; if an individual is identified as deceased across several independent data sources it corroborates accuracy.  Volunteered data is rarely as accurate as data captured as the result of a transaction (a policy being cashed-in or cancelled for example).

KEY TAKE-OUT: Evaluate to ensure your solution is removing all your deceased customer records. Always check how the suppression data has been sourced and verified. Data that reaches the market quickly has a commercial advantage – the process of verification takes time – so always check the suppression data you license has undergone stringent checks.

 

All deceased suppression files are the same

They’re not.

Although it’s true that all the suppression files on the market have a level of overlap, they contain different data sources that have been collected and verified in different ways. Each file will contain ‘unique data’ that will never be found on any other file. And if those unique customers happen to be in your database, but not in your suppression file, your customer data will remain inaccurate.

One of the UK’s largest insurers recently evaluated all the leading market deceased suppression files and found their database contained over 89,000 deceased customers. This worryingly large number had gone undetected by all the suppression files they previously relied upon to keep their data clean.

Also, don’t be fooled into thinking that the overall size of a deceased suppression file is all that matters.  It’s important to audit how many deceased records each file identifies on your own customer data and how recent those deceased records are. Biggest isn’t always better.

KEY TAKE-OUT: The overall size of a deceased suppression file isn’t all that matters. Unique data is an important factor to consider when choosing a suppression file; those deceased customers may be sitting in your database.

 

You only need one deceased suppression file

This is a rather bold marketing claim and one that we don’t feel is justified. Even though our deceased suppression file contains at least 30% unique data when compared to the other two market leading files, saying you only need to rely on one file alone is certainly not a claim that we would make.  The only way to be sure you have the right file(s) is to evaluate all the options and choose the combination that performs best for your business.

KEY TAKE-OUT: Always evaluate suppression files to choose the optimal blend of files, you won’t achieve adequate coverage and protection with just one file.

With the introduction of GDPR in May 2016, there’s never been a more important time to make suppression a priority. With so many common misconceptions about data suppression leading to inadequate solution choices, it’s imperative that data managers evaluate all the available options and base their file selection on fact. It’s the only way to be sure that the solutions they chose deliver reliable and accurate results and help them to achieve compliance with GDPR

Is poor data sabotaging your campaign performance?

Complacency when it comes to data suppression could be sabotaging your campaign performance and may also derail your GDPR compliance plans. The following article provides guidance on how to create a watertight suppression strategy.

Read More

Marketers and GDPR - Heads in the sand?  

Why are the country's GDPR compliance plans stalling? Our advice - stick to the certainties.

Read More

View all