Yogesh Sharma & Nageshwaran R, TCS Financial Solutions
In the wake of recent high profile data breaches worldwide, the data privacy debate has assumed greater significance and assumed center-stage in the regulatory world; and, more so in the financial services industry given the vast amounts of personal data processed by banks/ financial services organizations and their third party IT solution providers.
The customer onboarding process in a bank entails capturing personally identifiable information, and this can range from sharing non-financial data such as names, addresses, e-mail ids, contact and social security numbers to financial data in the form of savings, loans accounts and debit/credit card numbers.
From a regulatory compliance perspective, it is also important to distinguish between personal and sensitive personal data. Personal data relates to information about identified or an identifiable natural person (“data subject”) with particular reference to an identifiers, such as names, identification numbers, location data, and online identifiers, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. This also includes financial privacy that refers to the maintenance of confidentiality of customer information about transactions and finances by financial institutions.
Sensitive personal data, on the other hand, refers to personal information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; or data concerning health or sex life and sexual orientation; and genetic data or biometric data. Going forward, organizations will require stronger grounds to process sensitive personal data than required with “regular” personal data.
Read the white paper.