In Direct Mail, where information is everything, the most important information we hold is customer data. It is not only vital to the purpose and outcomes of the campaign, it is also the holy grail when it comes to targeting, content and effectiveness. Most importantly though, it is potentially sensitive information that needs to be safeguarded and stored securely at all times.
ISO27001 is the international standard, awarded by the International Organisation for Standardisation (ISO), that denotes a responsible operator in the Direct Mail sector. If you want to ensure that your campaign will be handled securely and professionally, you should avoid any service provider that doesn't have it.
Attaining the ISO27001 certification is not a simple process. It involves a rigorous on-going audit of security, continuous improvement and risk management processes within the business, taking account of legal, physical and technical controls. Put simply, any business with ISO27001 has worked hard and invested wisely to put the necessary systems and procedures in place, giving you peace of mind when you choose to share your data.
Anyone who has even considered Direct Mail in recent years will know the consequences of mishandling data, either through security leaks or inappropriate use of the database. In the UK the Information Commissioner's Office can impose unlimited fines on companies that do not take the right steps to manage their data responsibly, and these can apply to the end client as well as the Direct Mail company.
In the aftermath of the sad death of pensioner Olive Cooke in 2015, the focus on best practice in the Direct Mail, and especially on responsible use of data, has become even more prominent in the public psyche. It's no longer enough to simply adopt best practice, you need to actively demonstrate that commitment, and ISO27001 is one way to do this.
ISO27001 accreditation is all about being seen to do the right thing. Earning and maintaining the accreditation is not easy and it provides a genuine mark of quality and assurance to clients in the Direct Mail sector. For betting and gaming businesses, where the additional regulations and standards of the Gambling Commission need to be taken into account, it's vital that you choose a verified operator for all your Direct Mail campaigns.