Even in this post-GDPR era, the news is full of data security breaches. This checklist is a practical starting point for resolving common vulnerabilities.
The EU General Data Protection Regulation (GDPR) has been widely publicised. But what does it mean for your business?
The last time the law on data changed was back in 1995, when just over 23% of households had a computer. Since then, the technological environment we inhabit has shifted beyond recognition:
Designed to tackle these changes, the GDPR has been enshrined in law and will be enforced from 25 May 2018.
There’s no denying that change is essential. Seen in these stark terms, the need for reform – the necessity of ensuring that our rights as consumers are protected – is glaring. But should you view the GDPR a necessary evil? Or should you embrace it as a positive change?
This blog tells you all you need to know about preparing for GDPR, including exploring the implications of tougher regulation, outlining the consequences of failure to comply, and providing advice to ensure you connect data silos effectively.
Getting tough on consent
GDPR covers a range of data-related issues. (For an overview, you might find this guide helpful.) One major change relates to consent. Specifically, it’s about to get much harder for you to obtain it.
At the moment, the Data Protection Directive allows you to market to data collected from potential customers you’ve met at trade shows, for example. However, under GDPR, you’re required to carry out privacy impact assessments, which are designed to give you an understanding of the risks to personal data and privacy.
I know it sounds prohibitive, but it doesn’t need to be. If you act now, you’ll secure consent from your existing data for continuing communication. You also have the option to purchase data and secure opt-in from those contacts, too.
In other words, see GDPR as an opportunity. Not only can you review and refine your data processes, but you can also make changes to ensure you’re doing better, building trust in your business and your brand.
The impact isn’t limited to marketing
Remember, it’s not just the way that your marketing department operates that will need to change. The protection of personal data and privacy are built into all business processes – and flow through every department – so you’ll need to evaluate the way your whole business works.
Can you feel a data-induced headache coming on? It’s actually relatively straightforward to make data more accessible by using technology that sits above databases to store siloed data.
What’s more, it’s also your chance to transform your business, getting rid of outdated processes and making you transparent and accountable to your customers.
Consumer control is on the up
Under GDPR, consumers can demand greater access to their data, and their new rights can be used against you in court.
You need to see these new rights in the context of the breach disclosure requirement. Under GDPR, you need to report security and confidentiality breaches to the regulators as well as the people affected.
Fines for non-compliance are high
It’s important to remember that failure to comply will be publicised, damaging both your finances and your reputation.
With the impending GDPR, things are set to get more stringent. For example, regulators will be able to intervene more readily in businesses and their operations in order to shape how personal data is used. They’ll also be able to impose even greater fines for non-compliance, which could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is greater.
What impact will Brexit have on GDPR?
Given that we’re set to leave the EU – with the finer details of how that will look very much still to be resolved – you’re probably wondering how relevant this legislation will become. However, the situation unfurls, we’ll still be an EU member in May 2018.
How can you prepare for GDPR?
Finally, like everything in life, a bit of preparation goes a long way. As a number of businesses have already discovered, it pays off in the long run to integrate your data silos, bringing together behavioural, social, transactional, descriptive and product data into a single system.
A data management platform significantly reduces the risks associated with not being able to find data or action a request. And a holistic view of all individuals interacting with your organisation also delivers significant long-term benefits.
In other words, what starts out as a risk reduction exercise becomes a way of creating new revenue-generating applications and services for your business, while simultaneously boosting customer satisfaction.
GDPR is most definitely friend rather than foe, and it’s time to take action.
Engage Hub can help you integrate your data silos. Find out more here.