Data protection and PCI compliance have often been highlighted in the news recently, and, according to one expert, these issues are particularly important for gambling companies.
In a recent opinion piece for the Register, a member of the international law firm Pinsent Masons noted that gambling operators, more than many other businesses, need to be mindful of data security to ensure customer information is not lost.
"The data that gambling companies collect is particularly sensitive, meaning a data breach could have a serious adverse impact on their reputation and ultimately on their entire business," the author wrote.
A recent Ponemon Institute report found that 90 percent of surveyed businesses suffered a data security breach in the last 12 months, making data breaches a near certainty for most companies. Like other businesses, gambling companies are advised to invest in the systems that boast the utmost security, as 41 percent of data security breaches cost at least $500,000 to address, the Ponemon Institute revealed.
However, given that gambling companies handle much more personal financial information than many other businesses, their security and data compliance practices need to extend beyond basic means of protection. In addition to the PCI Data Security Standard and the Data Protection Act, many gambling operators must adhere to the Gambling Commission's Information Security Code of Practice, which requires them to notify customers of a data breach promptly.
Businesses that fail to achieve compliance with these regulations run the risk of being subjected to fines and other sanctions. They are also in danger of losing business, as customers are less likely to continue using their services if they believe them to be insecure.
"Gambling operators who fail to take data protection seriously or fail to invest in robust data security measures could find several sets of regulators beating a path to their door. Worse, customers will flee and share prices will plummet," the author stated.