In what may become a recurring theme, Consumerist reports today about a financial institution sending daily emails to somebody who is not actually a customer of that institution.
If you're sending valuable transactional notifications via email, here are a few questions that I think you should be asking yourself:
- How do you verify that the owner of an email address is truly the person who submitted that email address?
- What are your company's policies and procedures for addressing these kind of issues when they occur?
- Do your customer service representatives know of these policies and are they able to assist when the aggrieved subscriber contacts your company?
Thinking about this kind of issue gives me the screaming heebie-jeebies. I hope there isn't anything in any of those email messages that could be considered personally identifiable information.
