Under the EU’s General Data Protection Regulation (GDPR), organisations must implement data protection and reporting structures for EU citizens’ personal data.
This gives organisations the incentive to ensure current procedures and capabilities are up to scratch ahead of the May 2018 deadline. GDPR is a game changing challenge for organisations, involving people, processes and technology, but it also presents a fantastic business opportunity to kick-start change and innovation.
One of the key challenges presented by GPDR will be getting employees onside with changes to working practices and long-standing processes. Under the new regulation companies with over 250 employees will be required to appoint a data protection officer (DPO). The DPO will be instrumental in this action, and will have to be a champion for progression within the business.
Streamline your data processes
One of the first places to start in preparation for GDPR is streamlining processes. With this in mind, many organisations have already turned to techniques and tools that encourage a more collaborative approach to storing and maintaining data.
Workflow tools help to guide people in their tasks, add rigour, deliver auditability and in the best examples allow employees to directly feedback on the tools to ensure they work effectively.
Business process analysis technologies can be really useful for GDPR compliance. Humans are brilliant, but we make silly mistakes all too often. Under GDPR, businesses quite literally cannot afford to make mistakes with sensitive data.
Not only are there stiff fines for non-compliance, but also the subsequent effect on a company’s reputation will have a marked effect on a companies bottom line.
As the public has become more informed about the protection of their data, they see its protection as a human right. Companies must treat its protection as essential. Tools alone will not be enough to drive all of the changes required ahead of the GDPR.
Thanks to digital transformation, almost all businesses are software based and therefore reliant on data to provide detailed insights into customer purchasing habits. Streamlining data management is not only an essential part of GDPR, but by getting smart about their data businesses can make the most out of the information that is freely available to them.
>See also: Turning GDPR into a business opportunity
This enables them to make better decisions about how they approach customers. Being the master of your data allows businesses to deliver a more targeted experience to customers through personalised communications and marketing.
Compliance should not be seen as a one-off task, rather it’s a continuous part of conducting business. It is not a static, one-off problem that can be solved by ticking a box. Compliance must be seen as an integral part of an organisation’s every day process.
The DPO will be instrumental in encouraging people to conduct their business in a safe way, and in providing education and training to ensure they understand best practice.
They will need to be given teeth in their organisations to mobilise the change needed. This might mean a seat on the board, or at least direct support from the C-suite. GDPR compliance is a company wide issue, it cannot be sidelined or overlooked by any part of an organisation.
In short, to make GDPR not just a question of compliance, but a real business opportunity, the DPO requires absolute transparency and cooperation. A cross company willingness to engage and see GDPR and Data Protection as positive can and should be seen as a real opportunity to show your business’ competitive advantage.
Indeed, in the words of Elizabeth Denham, UK Information Commissioner, “Get data protection right and you can see a real business benefit…It offers a pay-off down the line, not just in better legal compliance, but a competitive edge.”
How can it be done?
GDPR is a once in a decade opportunity to refresh working practices and invest in methods that digitise businesses working practice. Make sure that you are skilled in business case creation or have access to someone that does.
Work hard to show that GDPR is the perfect “excuse” to get those process and training projects off the ground and tie the work to programmes of transformation that deliver additional benefits.
Using GDPR as the jump-start cables can help you get projects that you know will benefit you, but previously has too big a corporate funding tax to get off the ground.
Get Help! Reach out to those with experience, talk to your peers, join networking groups on the subject. Use the information and training that you gain to engage with stakeholders in your company.
As data is becoming an increasingly integral part of people’s lives, it is the duty of companies who deal with it to protect it effectively.
Compliance with the GDPR cannot be seen as a nice to have, it must be seen as a real opportunity to bring data best practice up-to-date. The DPO will be instrumental in pushing this change forwards.
Sourced by Matt Smith, CTO, Software AG
The UK’s largest conference for tech leadership, Tech Leaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here