Customer Information Management

Proactive approach to GDPR helps safeguard data and benefit your company

If your company is one of many that has adopted a wait-and-see attitude about GDPR compliance, you might be interested in learning how compliance can also benefit your company by improving the quality of data.

In recent years, data breaches have affected hundreds of millions of people. While the General Data Protection Regulation (GDPR) is not a data breach regulation per se, breaches are a key focus. Designed to protect EU residents’ data, the regulation has wide applicability beyond EU boundaries. US organizations, as well as those across Asia-Pacific and any other regions serving EU audiences (or with EU employees), will need to understand not only their risk of exposure under GDPR, but also how they can mitigate that risk through evolving best data protection practice.

GDPR focuses on giving “data subjects”—the people whom the data describes—certain rights over how and when their information is handled or erased. The GDPR signals a philosophical shift with regard to personal data, recognizing the safeguarding obligations that organizations take on when they collect or are entrusted with personal data.

Read about how a proactive approach to complying with GDPR provides benefits in Data protection by design: The opportunity in the obligation of GDPR compliance, a Forbes Insight report, sponsored by Pitney Bowes.

Clearing the way to a successful—and beneficial—GDPR implementation

Despite GDPR’s broad enforceability, the consensus among industry experts is that businesses remain largely unprepared. Where there is awareness about the GDPR, it seems there is also a wait-and-see approach being taken and an unwillingness to invest in potentially unnecessary compliance measures. One reason may be that the path to GDPR compliance is not seen as sufficiently clear. Despite this, the EU has signaled it is serious about enforcing compliance in a way that is “effective, proportionate and dissuasive.”

Regulatory action isn’t the whole picture, however. GDPR compliance can itself be beneficial to an organization, whether in improving the quality of data, which in turn lays the foundations for deeper customer engagement efforts, or in improving customer confidence. The risks of losing customer confidence and the trust of industry partners in the event of a GDPR violation are very real—and may prove to be just as motivating as penalties. Besides the potential for lost business and canceled contracts research has found that the reputational costs of regulatory sanctions far exceed the financial cost of penalties imposed.

Ray Umerley, vice president and chief data protection officer at Pitney Bowes, has been involved with the company’s own process to comply with GDPR. He says the task becomes much more manageable once organizations can ascertain which specific articles apply. “But again, you have to get a handle on that early,” Umerley says. “We were able to distill our significant areas of change to maybe five or six groups of articles (the GDPR contains 99 articles and 173 recitals)—and even then, it was things we already had a process for, but we needed to modify or expand upon.”

The steps involved in a data quality approach to GDPR can be broken down into four main areas:

1.      Discovery.

2.      Preparation.

3.      Action.

4.      Governance.

Seizing the opportunity to improve customer confidence—as well as avoid penalties

GDPR represents the next step of an evolution in the way society treats personal data and the obligations of organizations to protect it. The potential fines are designed to be dissuasive, but they’re not the only reason to undertake compliance. Since it requires a level of good quality data practice, GDPR presents an opportunity to realize benefits beyond simple compliance: customer confidence, incident response, reputation and a foundation for new innovative products and services could be by-products of a well-thought-out GDPR implementation.

Because so much is at risk—the penalties and reputational fallout have potentially devastating impacts—taking a wait-and-see approach is tempting fate on a grand scale.  

Learn more

Read about how a proactive approach to complying with GDPR provides benefits in Data protection by design: The opportunity in the obligation of GDPR compliance, a Forbes Insight report, sponsored by Pitney Bowes. The report, based on in-depth interviews with industry analysts, experts and data professionals, outlines how a good approach to data can help speed the path to compliance and also offer new opportunities.

 

You may also like

General Data Protection Regulation (GDPR) Compliance

Discover and profile the personal data you hold enterprise-wide. Ensure it’s valid, accurate and up-to-date. Minimize your data for just what’s needed for processing. Add governance that supports new requirements for right of access, rectification and more.

Learn more