2016 is now behind us and it was quite a year. As we dive into 2017 and prepare for all that is ahead of us, European companies, (actually, any company that have any EU customers or collect data from EU citizens) need to consider including these data privacy Resolutions as part of your focus.
- We must take privacy regulations seriously.
- We will put actionable plans in place NOW to allow sufficient time to address data privacy and General Data Protection Regulation (“GDPR”) compliance.
- We will allocate sufficient budgets for planning and implementing privacy solutions.
- We will ensure that any new product or process put into place ‘protects privacy by design’.
- We will look for opportunities to leverage data privacy to improve the customer experience.
- We will consider the user experience when implementing new solutions and processes.
It looks like these resolutions are needed. Findings from the Global Databerg Report, which surveyed more than 2,500 senior technology decision makers in 2016 across Europe, the Middle East, Africa, the U.S. and Asia Pacific, revealed 54% of organizations have not even started work to become compliant for the GDPR. This Vanson Bourne study also revealed just under one third of respondents are concerned about the potential for reputation damage to their brands from poor data policies and almost 40% are anxious about a major compliance fail within their business. It’s clear that beyond the fines, there is a lot at stake here for businesses and their customers.
Let’s review why each of these resolutions are key and why it’s not ok just to pick a few to take on.
- Privacy regulations are serious. They have real financial and customer retention implications and if not handled correctly will put continuing business operations in risk.
- If your organization is one of those in the 54%, you do need to start now. True, the regulations don’t come into effect until 2018 but time is needed to:
- Fully understand the impact across your organization;
- Audit your current data collection processes and systems;
- Put a team in place to manage the planning and implementation;
- Evaluate the options for solutions;
- Deliver the needed change management and training for new processes;
- Give time for proper testing, feedback and re-work, and
- Ensure that all of this is doing what it should and is compliant with the regulations.
- As this has severe business impacts and will take a significant amount of resources, it is key to put aside the needed budget amounts so the whole course is not slowed by disagreements on whose budget it comes from.
- User privacy by design is specifically called out in the regulation. It’s not just the smart forward-thinking way to go, it’s required. Therefore, the approach has be user-centric from the get-go.
- Yes, it’s true that there are positive impacts from data privacy. Done the right way, it will allow customers to put trust in the companies they do business with.
- The user experience is key. That’s one of reasons the regulations were created in the first place. And this means every individual digital user not just the head of a household or the account holder.
Similar with other privacy regulations and initiatives being put in place around the globe, the crux of the GDPR is putting users in control - in control of their personal data, how it is collected, protected and disposed of. So, it makes sense that service providers and enterprises put their key focus on individual users when developing and implementing their data privacy plans.
As the leader in User Lifecycle Management (ULM), we have been studying, designing and implementing solutions to cover user management for many years – not just since the new regulations were announced.
User Lifecycle Management was designed to enable user managed privacy and puts tools and processes in place to empower individual digital users. As the central privacy management dashboard to the user, ULM allows for the management of user & parental consent and the privacy lifecycle for all services provided and for all data processors contracted by the service provider.
Go ahead and get started. Take our questionnaire to see where you stand in being ready for the GDPR?