(other than avoiding large fines for breaches!)
Note: This is written with companies that own and hold personal data. There may be further commercial opportunities for companies that act as data processors or provide equipment and services where a particular approach around GDPR may provide competitive advantage.
This article was originally published by Stuart Duthie on the Qualocity blog.
1. Grow your business by understanding your data
GDPR requires you to understand the data you hold. A review of this, and consideration of what you do and don’t need, should highlight the potential value of the data to your organisation. How could you use this data to better understand or grow your business?
2. Take a customer-oriented view of your data
If you are asking your customers (or potential customers) for permission to use (process their data), then it should be in the customer interest. How can you improve how you use their data to add value to their lives and the services you provide?
3. Ensure the quality of your data
The old maxim garbage-in-garbage-out applies. This legislative may help in promoting the need for accurate customer data to those in your organisation, whish in turn should improve the quality of the data you use to provide insight, transact and grow your business.
4. Understand the controls and security that apply to your customer’s data
Trust is such a key component of your brand value – GDPR may be helpful in reviewing your arrangements, but also those of your suppliers and partners, to protect you against being the next data-security news story. You will need to consider security as part of your implementation and this may be helpful in getting this on the agenda or setting the pace.
5. It may bring a better understanding about the data architecture in your business
Sometimes it can be difficult for IT to articulate to non-IT people the implications of having a large number of specialist, “siloed” systems. The process of implementing GDPR may help to better understand that and draw out some helpful discussions about your application strategy.
A bit about Stuart
Stuart is experienced in senior IT leadership within regulated environments to director-level with a long track record of building capability and practice to deliver transformational change, both within the business and the IT team. Technically astute, he draws on a wealth of experience and understanding across all areas of IT, engaging with senior business leaders and technical experts, to deliver a quality outcome.
ILM qualified, he uses coaching techniques to enrich and empower your IT team to leave a lasting improvement.
He is particularly familiar with front-end digital and contact-centre systems that facilitate the customer journey and relationship, and end-to-end process-driven systems such as case-management and ERP, to achieve digital fulfilment.
He has also held Data Protection Officer responsibilities, implemented Freedom Of Information, been accountable for IT system compliance with regulations such as FCA, PCI-DSS (Payment Card Industry Data Security Standard), etc.,. He has a track record in contract negotiations and engaging with audit activities.