Businesses affected by the European Union’s General Data Protection Regulation (GDPR) have the 25 May 2018 compliance deadline marked in their calendars. The new legislation is a milestone on a journey into a new era, where data is the fuel powering companies of all shapes and sizes, from all sectors.
Consider this: 90 percent of all the world’s internet data was generated in the last two years. This exponential growth in the volume of data we generate – coupled with technology that can extract actionable, predictive insights from it – is empowering companies to offer more personalized experiences to customers, achieve unprecedented efficiencies and bring new products and services to market faster than ever.
The opportunity is enormous, and business leaders across Western Europe looking to seize it. We are proud to be working with Yara in Norway; FamilieHulp in Belgium, UCN in Denmark; Alajmo in Italy, and many more customers across the region to help them capture that opportunity and move them along their GDPR journey.
Given this huge shift in how business gets done, an updated governance framework for data protection is only sensible. But business leaders are realizing that GDPR is an opportunity for broad business transformation – not just a compliance hurdle they need to clear. This is because the benchmarks GDPR sets out for compliance are the very same benchmarks a company needs to meet if it is going to become a data-driven business.
Generally speaking, there are two ways in which companies are approaching GDPR compliance – while the first is absolutely essential, the second is what will unlock major competitive advantages.
Countdown approach: when focus is limited to compliance
One approach is to count backwards from the 25th and put a compliance calendar in place. This is a sensible method when resources are constrained and time is limited. In prepping for ‘GDPR-day,’ there are four steps to keep front of mind ensuring you stay on course.
The first step is to discover what data your company has and how it is used. Then establish processes to govern who manages this data. Then, you need to make sure it’s protected. Finally, you need to ensure you can offer transparent, clear reporting on how your customers’ data is treated should regulators require it.
Yet increasingly, companies are looking at an approach best described as ‘compliance+’, that goes beyond discovery, management, protection and reporting to anticipate potential future developments and preparedness. For example, opting for cloud vendors who are committed to complying with all relevant regulations – at a national, European and international level – provides added confidence.
Using GDPR to transform your business
From complying to competing, companies that are using GDPR as a valuable milestone to drive business transformation will emerge with a significant advantage. They are already empowering their people to seamlessly collaborate and access information, anywhere and across any device. In addition, they see the potential of using technology like artificial intelligence (AI) and machine learning to stay a step ahead of customer needs and competitive threats.
However, leaders in these organizations know that technology alone is not enough. Innovations like AI have a lot of potential, but if employees are not properly capturing, storing, using and protecting data, the value the technology offers is diminished. After all, only accurate data can yield dependable insights. Further, all the insights in the world won’t help your business if workers across your business aren’t actively using them as part of their everyday jobs.
Savvy businesses recognize that the ability to manage and protect data is not only a compliance necessity, it’s a must for building trusted relationships with customers. According to Harvard Business Review, 97% of people expressed concern that their online personal information might be misused. As every company becomes a data-driven company, being able to offer full transparency around data usage and data policies will be key.
Given the importance of data management, forward-looking leaders see GDPR as way to help build a data driven culture in which each person – from intern to CEO – sees him or herself as a data champion. Using GDPR as a ‘hook,’ they use the opportunity to clearly communicate their vision of how data will take their businesses forward in a cloud-first world. This means ensuring employees across divisions understand their role in using data responsibly to delight customers, unlock growth opportunities and ultimately outperform their competition.
The bottom line for business leaders: recognizing 25 May as a catalyst for growth sets you up to thrive as we enter the new data age.
Martin Vliem is spreker op hét GDPR-event van het jaar: GDPR, the day after tomorrow dat op 24 mei a.s. plaatsvindt bij InnStyle in Maarssen. Het evenement draait uiteraard om de GDPR/AVG die de volgende dag van kracht wordt, maar gaat vooral in op hoe je - in plaats van te werken aan een tijdelijke oplossing - 'voor altijd' aan huidige én toekomstige privacywetgeving kunt voldoen.