Article

Dan Telling
Dan Telling 22 November 2017

The final countdown: five key steps to GDPR success

With mere months to go until the General Data Protection Regulation (GDPR) comes into effect, it is dominating the news agenda and is a top priority for businesses. From retailers to charities and the manufacturing industry to financial services, the impact of GDPR will affect every organisation that handles customer data and will be far reaching.

Indeed, it has the scope to change the face of marketing completely. Yet behind the hype, there is much confusion from businesses of all sizes from across industry, which know that they have much to do to comply with GDPR, yet do not know where to begin.

While for many, compliance with GDPR may seem like a huge task, those that embrace it as an opportunity to lead the way in the new consumer democracy and demonstrate a new level of transparency and trust, will be the ones who ultimately win. Although undoubtedly a complex task, GDPR offers as many opportunities as it does challenges.

Understanding the requirements of GDPR is one thing, but being able to translate this into compliance is something else entirely. And of course the larger the organisation, the more complex the process.

With this in mind, what can organisations do to ensure they comply?

1. Map your data flow: conduct an audit

This is perhaps the most important step, and the one which every other element of GDPR compliance is built on. Get the discovery phase right and the rest will follow, get it wrong and the entire process will be beset with problems. By conducting an audit organisations can establish:

  • What data has been collected
  • Where it is being stored
  • Who is using the data
  • Why the data is being collected and its purpose
  • When permission was granted
  • Where permission was granted

As part of this process, businesses can also determine which legal definition they are processing data under. They will also be able to highlight where they may need to go through a re-consent process with customers, which can act as a great way to reconnect with individuals.

2. Examine your privacy policy

Providing privacy information is already a requirement under the DPA, but GDPR takes it a step further. It has a specific emphasis on making privacy notices understandable, transparent and accessible. Best practice here is to explain with each piece of data collected why it is being collected and how it will be used. This will make it easier for individuals to understand and also be repeatedly informed about how their data is being stored and used.

Of course the level of detail needed in a privacy policy will depend on the type of organisation. For a mail order company who just needs to collect names and addresses it will be fairly straightforward, for a large organisation such as Sky, it will be far more complicated.

What remains the same, regardless of the size of organisation or sector, is the need to take the opportunity to help empower customers and build trust. For example, organisations could look to integrate a permissions management dashboard into their privacy policies, which will not only give customers greater control, but will also enable businesses to use data more effectively.

3. Appoint a Data Protection Officer

Having a suitably knowledgeable person or team of people that focus solely on data protection is not a prerequisite of GDPR, but it will hugely help in complying with it and with data management and governance generally.

If there is not someone with this expertise already in the team, then businesses need to act now to train or recruit someone.

Their role will be two-fold, to act as someone individuals can contact regarding their personal data and also to cascade out information about GDPR and data protection across their organisation.  

The Data Protection Officer will also be key in helping to gain board level support, as once this is in place then half the battle is already won.

4. Educate everybody

Every single person within an organisation needs to understand the importance of GDPR and that there is a fundamental move within the organisation to treat data differently going forward.

This again demonstrates why a Data Protection Officer is so vital as they will play a pivotal role in ensuring this happens.

As GDPR compliance essentially involves implementing a new data strategy, it is especially important that the board fully understands the impact of GDPR and is on-board with making resources available to implement the changes.

5. Communicate externally

Once everyone internally understands the new data strategy and is aware of the role they need to play, businesses can then communicate their new approach externally.

It is hard to impress how important transparency with customers here is – and not for the sake of compliance with the new regulations, but for the good of the company as a whole.

Complying with GDPR is a massive task, but it also offers a unique opportunity to develop completely new ways of working that are based on the key principles of trust and transparency. If customer experience is the battleground of the future, then data is key to winning the war and GDPR is the perfect opportunity for businesses to rethink their approach to data and the enhanced customer relationships and experiences it allows.

 

 

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
4 Important Digital Marketing Channels You Should Know About

4 Important Digital Marketing Channels You Should Know About

It goes without saying that a company can't do without digital marketing in today's world.

Digital Doughnut Contributor
Digital Doughnut Contributor 5 November 2014
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of traditional outreach methods to get in touch with targeted buyers or sellers.Here are some of the best and fastest growing global B2B platforms that are helping thousands of businesses in the world to grow and reach their international and local clients.

Salman Sharif
Salman Sharif 7 July 2017
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in this article. Check out the complete list!

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more
3 Social Media Trends to Follow in 2018

3 Social Media Trends to Follow in 2018

Discover three big trends that will have the impact on social media in 2018 - from ephemeral content, to influencer marketing and augmented reality.

John Siebert
John Siebert 15 November 2017
Read more