Using the GDPR to make your business betterJune 6, 2018
At first, the GDPR can look and feel like a compliance burden. It sets a high bar for security and privacy, and it comes with hefty fines if you don’t meet it. That’s why many companies are spending significant time and money to get ready. (Per Gartner, European companies expect to spend around $1.4 million.)
The great news is that none of this effort is throwaway. It’s not merely an exercise of checking off the right boxes and then moving on. There are many ways the GDPR can bring ongoing value to your business. As a few examples, it can help you:
- Strengthen cybersecurity across your organization
- Clean house and get your data in tip-top shape
- Create a “golden record” of your customers, with fewer dupes and less noise
- Improve how your customers see you (brand image)
- Market more effectively to customers who want to hear from you
To get there, you need to strike the right balance between protecting data and leveraging data. Yes, keeping data safe should be a top priority. But your organization still needs to be able to use personal data (with consent) to boost your business. So as you go through the process of GDPR compliance, here are a few things you can do to set yourself up for success.
Ask your DPO to do more
If your organization meets certain criteria, the GDPR requires you to appoint a data protection officer (DPO). This person’s top priority should be to make sure your organization follows the GDPR. But that’s certainly not all they can do.
Given their expertise in this space, the DPO is also the perfect person to lead the charge around how you can improve your data practices in general. They can change the conversation. They can help come up with real-world scenarios to turn personal data into business value. So when you appoint this person, expand their role beyond what’s merely required by the GDPR.
Connect the dots between GDPR consent and your data strategy
As you’re putting new policies in place to meet the GDPR, make sure you don’t unnecessarily limit yourself from being able to get value from your data. You need to be able to mine it for insights that can help your organization offer better services and grow. Or share it with your trusted partners.
So you shouldn’t tamp down on your data to the point where you can’t do anything with it. This means making sure that your consent strategy matches up with your data strategy. To do this:
- Make sure you understand the many things the GDPR supports, like collecting, using, and sharing personal data to support global business
- Find and share use cases across your business where you can meet GDPR consent requirements while still using your data to do new things
- Implement consent mechanisms that follow the GDPR but still give you flexible data rights and ability to share data with the people you need to
Set up your data governance program
Last up, another key way to make the most of your GDPR prep is to also set up a data governance program. We’ve talked in earlier posts about why data governance matters. It’s a system of tools and processes to keep tabs on every bit of personal data floating around your organization. This helps you stay ready to find it right when you need it (or get rid of it when you don’t).
For more, see our 5 steps to set up a data governance program.
Need help with the GDPR?
We at Binary Tree are doing our part to help our clients protect the privacy of their own customers. We can help you move to Office 365, which Microsoft has committed will comply with GDPR by the deadline. By adopting Office 365, you can:
- Find and classify the personal data in your systems
- Build a more secure environment
- Simplify how you manage and monitor personal data
- Get tools and resources to meet reporting and assessment requirements
Contact us to learn more and to discuss further all of our digital transformation solutions.
Source: Gartner. How Data and Analytics Leaders Can Leverage GDPR for Increased Business Value. August 2017.