After major data breaches at Equifax, Facebook, and Wells Fargo, organizations responsible for data of any type are under increased scrutiny. One of the many unfortunate consequences of a breach is the potential loss of customer satisfaction, loyalty, and trust.
Gaining your customers’ trust after a monumental breach entails more than just slapping a band-aid on the issue and calling it good. It’s an internal, external, and ongoing process that relies on complete transparency.
As you take the necessary steps to combat the current breach and prevent future ones, consider these seven important steps to rebuild trust with your customers.
1. Be honest, transparent, and empathetic
Rebuilding after the breach isn’t just a business issue, it’s a personal one. When your customers’ privacy has been violated, most of their reactions and emotions will be negative.
Empathize with the customer’s powerlessness and feelings of frustration or even anger. As is the case in any relationship that’s recovering from a broken trust, it’s best to be open and honest with your customers as you recover from the breach.
2. Communicate the steps you’re taking to fix the problem
While you’re being honest, it’s important to be concrete about the actions your company is taking to resolve the breach. Outline the ways you’re getting all systems back online and fixing security vulnerabilities.
Sharing concrete steps your organization is taking to fix the problem is preferable to sugarcoating or avoiding the issue. That being said, you don’t have to share every nitty gritty detail as you share your action plan and lessons learned. And you can tailor messages for different audiences and different timeframes as needed.
3. Follow the law
While you’re working diligently toward rebuilding trust, remember that you may be subject to legal regulations in the aftermath of the breach. Nothing will break trust more quickly than getting bad publicity over not meeting one of these regulations — or even being sued, as Uber found themselves for violating the state’s notification laws in Pennsylvania.
Be sure you’re up-to-date on these notification laws and consult your company’s counsel or an external attorney if there’s any uncertainty over your legal obligations after a breach.
4. Get the rest of the company on board
Communicate internally before you communicate externally, and ensure the required team members are informed and on board with the message — from the executives down to the junior staff.
Depending on the size of your organization, it may make sense to form a breach response team with a representative from each department. Make sure your marketing and PR teams are on board to align these approaches with your brand and overall corporate messaging strategy. This will help maintain consistency of words and actions across all communication channels.
Last but not least, empower customer-facing support teams with all necessary information. They are the ones on the front lines, communicating these messages directly to customers.
5. Offer customers something
There’s no escaping it: After a breach, your customer loyalty is going to take a hit. But you’re not going to lose everyone. And a little incentivizing can go a long way. Consider offering your customers something that either protects their security or rewards them for staying with you — ideally both!
You may offer a free identity protection plan or subscription to a password manager service. At the very least, make sure to apologize and say thank you to your customers for sticking with you.
6. Plan ahead — or for the next breach
All these steps won’t go far in building trust with customers if you experience another breach. Do your research to ensure that you understand the full depth and breadth of what happened. Make sure you’ve eradicated the original threat and protected against similar attacks, and look into ways to improve monitoring and response processes.
7. Take your time
Don’t rush this. Remember, this is a relationship, and rebuilding trust doesn’t happen immediately. As you work to repair your relationship, keep communicating and be patient.
As you take the tactical steps to get your systems back to a secure state, take into consideration your customers’ points of view. This perspective will steer you in the right direction as you practice empathy and open communication toward the end goal of rebuilding customer trust.