data management, regulatory, ImageQuestUsing data to gather insights about your customers is the hot new thing. Everyone wants to understand their clients’ behavior to boost purchasing.

But collecting data comes with responsibilities. There are regulations that will take a bite out of your business if you ignore them.

And in our experience, regulators are cracking down on third-party vendors’ security because too many breaches have sprung from the poor data security of a downstream vendor. It’s now a top question in IT regulatory audits.

CIO Dive took a new look at the June Dun & Bradstreet report on data management. D&B found that data privacy regulators have fined more than 10 percent of companies for poor data management practices.

Worse, the report found that nearly a third of U.S. businesses “are unconcerned about data compliance,” yet 42% of respondents believed “if regulators examined their data practices, they would be fined.”

The report also notes that while businesses increasingly believe customer data is critical to have, businesses typically haven’t assigned this business function to a business leader. Instead data has been left to IT executives.

The study also noted that U.S. companies’ “resistance to compliance concerns correlates with the federal government’s slow crawl to passing a comprehensive data privacy law,” CIO Dive said.