In a recent Room 1903 feature, Joe Oleksak, a Plante Moran cybersecurity partner, emphasizes that customer data ownership should be centralized at the franchisor level to ensure consistent security standards and compliance across the entire system. Fragmented ownership, he notes, increases risk and weakens the brand’s ability to respond effectively to data breaches.
From a franchising perspective, Lisa Plonka, partner and leader of Plante Moran’s franchise and consumer services practice, stresses the need for clearly defined responsibilities between franchisors and franchisees. She notes that expectations related to data ownership, compliance, vendor management, and breach response should be explicitly addressed in franchise agreements rather than assumed.
This feature also explores how brands can operationalize PCI and privacy requirements by centralizing compliance efforts and providing franchisees with clear playbooks and predefined architectures — ultimately reducing audit fatigue at the unit.
To read more about how franchise restaurant brands can strengthen data security and protect customer trust, read the full article on Room 1903.
