GDPR - an EU regulation coming into effect next May that will change the way we collect and process consumer data - is coming, and nothing is going to stop it. The implications are vast and arguably daunting for organisations around the world, with hefty fines for non-compliance. It’s no surprise that concern and trepidation surround the implementation of this law. However, IT professionals and company executives have the option to view GDPR as a commercial opportunity - a chance to leverage process simplification, enhance customer service, and better integrate cross-functional relationships.
Increased Simplification and Consistency.
Information Age recently reported that one of the key changes due to come about through the introduction of GDPR is that organisations will no longer have to register with the data protection agencies of each individual EU country that they operate within. Instead, they will register only with the member state in which they work with the most regularly. Additionally, the regulation will be applied consistently across all EU member states, removing the current complexity that comes with differing applications and interpretations of the same law. The reason for this simplification and uniformity is that the law is a regulation rather than a directive and, together, these changes will result in a significantly decreased administrative burden for businesses.
Enhanced Customer Service.
Consumers are becoming ever more aware of their data privacy. Peter Gooch, cyber risk partner at Deloitte, commented that “consumers are realising that privacy is about more than just confidentiality. It is about transparency regarding how their data is being used and putting them in control of what they are now recognising as a massive asset that they hold”. From a UK perspective, as Computer Weekly reports, the UK information commissioner Elizabeth Denham explained that the GDPR will bring “a more 21st century approach” to how personal data is processed and that organisations should seize the chance to set out a culture of data confidence in the UK.
This shift towards greater demand for healthy data processes presents an important commercial opportunity for organisations. When a business shows authority in the area of data protection and privacy, they are underpinning trust in their corporate brand, capturing a competitive advantage within their industry. Accordingly, the consequential PR and marketing opportunities that spin off from GDPR are significant.
IT Department Empowerment.
This opportunity has already been recognised by some IT decision makers. For their white paper, ‘From Overwhelmed To Empowered: The IT department’s GDPR journey towards good data health’, Kaspersky interviewed over 2000 IT decision makers about their views and concerns surrounding GDPR and found that 63% feel the legislation will empower them to better regulate data privacy and protection within their company.
By the very nature of GDPR as a data privacy issue, IT will find itself at the heart of planning and implementing this new regulation. So often overlooked as a department of red tape and cumbersome processes, this is an opportunity for IT professionals to reposition themselves as the catalysts of cross-functional progress.
GDPR is, of course, a big deal for companies both large and small across the world. Failure to adequately prepare and implement the regulation has wide-ranging consequences. However, it also presents organisations with a chance to lead the pack - to stand out from the crowd as an advocate of consumer rights and protections. This is an opportunity to build trust in the company brand, thereby leveraging significant competitive advantage.
Kate Jones writes graduate careers advice for Inspiring Interns, a graduate recruitment agency specialising in matching career starters with graduate jobs. For everything from marketing internships to graduate jobs Manchester, click here.Back to Small Business blogs