No Means No: Is GDPR another excuse to proclaim data apocalypse or a real opportunity to enhance the value of analytics?
Data is widely recognised as “the new oil”, but the rules governing how we extract and store this precious digital commodity are set for their biggest shake-up in more than two decades. Are you ready?
This radical change comes in the form of GDPR (General Data Protection Regulation), new rules that, by next May, will grant EU consumers unprecedented new controls over their data and how businesses use it.
It's no surprise data protection is being strengthened. Consumers have become savvier - not just about their right to privacy and data sharing consent, but also about the true value of their personal data as a “currency” for businesses.
Admittedly, for businesses who have worked hard to gain customer data to enhance their digital strategies, their hands have been forced by stringent GDPR regulations and the threat of hefty fines should they not comply.
Businesses will need to clearly communicate how personal data will be used and with whom. Customers in turn can choose to opt in and out of data they consent to share, and who they share it with. Personal data will then become a “currency” businesses need to negotiate with customers. This shakes up everyone’s strategy and the technical infrastructure that will be required to make this happen.
Third party vendors and suppliers will also find themselves caught up in compliance red tape and be expected to be “GDPR-proof”.
Enhance the customer relationship
That said, it’s wise to take a measured approach to the current scare-mongering surrounding the upcoming enforcement of GDPR. Being GDPR compliant is a less difficult transition and, in fact, offers new business opportunities for organisations that are customer centric and already mindful of protecting customer data. The push from GDPR to streamline data also has the potential to add value to existing data and makes way for a better customer experience across digital channels.
Are you GDPR ready?
No doubt much of the tick-box reaction to GDPR compliance requirements will become an IT or legal responsibility. But the regulations go much further than that. It requires a full organisational change in approach to navigate the changes and reap the benefits.
It’s important for senior business executives to recognise this now and start pulling a plan of action together.
Consider the following to get started:
- Create a data map - What data do we have? How do we get it? Where do we keep it? How do we keep track of it? Which third party organisations do we share it with?
- Evaluate existing data - Should we try to save and update all our data or focus on maximising high-value data for a select audience only? Will it be easier for us to simply delete our existing data and start again with full GDPR compliance?
- Systems check - Are our in-house or outsourced systems compliant? Will we need to upgrade or design new software to meet specific GDPR regulation? Are our tech partners simply bolting on new features or taking a “from the ground up”, data protection by design approach?
- Build trust and loyalty - Are we ready to tell our customers we are prepared for a new age of customer-owned data? Are our systems solid and will our customers know that their experience will be safer and better with us? How do we encourage our customers to keep their data with us?
There will be bumps along the way, but we should all welcome GDPR requirements as they are, first and foremost, designed to protect us all from data exploitation. There’s little point fearing it and clever businesses will recognise the long term opportunities to define a new way to sell and to create a better customer experience.
If you want to assess your organisation’s readiness to make the most out of GDPR or ensure you take a “data protection by design” approach to your infrastructure systems, get in touch with us.