Layers of data access — business, service provider, and third party

Take it from Shrek…onions, ogres, and organizational data all have layers.

Okay, I may have added that last one in, but it’s true!

There are layers within any organization that both service providers and third-parties have access to — and understanding them is key.

Think about the last time you got a check-up at the doctor’s office…

It’s likely that you and your doctor have a very open relationship where you not only discuss your health concerns, but also address issues like insurance coverage, and make sure everyone is on the same page about executing a treatment plan.

Nurses may also have access to some of your records, and they’re bound by the same confidentiality agreements as doctors. We can think of them in a similar capacity as service providers who have strict rules and affiliations with the main organization.

But then there’s the receptionist, who’s there to accept payments and may have access to your financial info — but SHOULDN’T have access to any medical records and may even be a temp in the office just like third-parties who have limited relationships with the businesses they work alongside. 

In other words, each layer has unique responsibilities, requirements, and restrictions that are unique to that layer only. 

But without the right distinctions between them, the line can get blurry. 

(And nobody wants that.)

Think your company could use a little help figuring out this hierarchy?

If you’re a CMO, CTO, SVP, or anyone else who heads up marketing and technology teams, you can get tons of insight when you sign up for my mailing list: www.mardatadvisors.com/risk

Leave a Comment

Your email address will not be published. Required fields are marked *