Story image

How every business can benefit from GDPR compliance

18 Jul 2018

GDPR regulations are transforming the way businesses operate both online and offline around the world. While most organisations can find the road to compliance expensive and complex, the long-term opportunities are plentiful when the process is managed in the right way. This involves rolling up sleeves, diving deep into data protection and changing the way that teams and individuals think about personal data.

At its very heart, GDPR is all about protecting customer and employee data. It requires organisations to adopt stricter protection policies, to document how they store, use and share personal data and review data governance principles regularly to ensure compliance. In essence, companies will not only need to manage huge volumes of data but also enable a cultural shift in order to ensure the door remains locked to breaches and a solid reputation remains intact.

Opportunities to build consumer engagement while saving costs

There are many misconceptions when it comes to GDPR. New data privacy culture has become one of the most intricate debates happening around the world as it weighs notions of ethical and professional practice. How an organisation deals with GDPR compliance will depend on how it is utilising data, the industry it is operating in, and how and where that data is stored.

For GDPR compliant companies, the opportunities and competitive advantages are clear. Not only will they avoid the hefty penalties inflicted for non-compliance, but they will be well on their way to building authentic, transparent relationships with customers and a more people-centric business.

In a survey with 1,000 UK consumers, 62 percent said their confidence about sharing data with businesses has been improved by the incoming laws. In the same report 80 percent of consumers would be very or moderately comfortable with sharing data about their interests for marketing purposes.

While consumers are clearly aware of the drastic changes that are happening within companies, they’re also recognising the shifts in regulations are in fact to enforce cybersecurity and privacy. On the other hand, for a business, by implementing the right compliance design principles and collecting only relevant data, they can streamline and eliminate data storage and collection processes, prevent data breaches and cyber-attacks, and reduce costs significantly.

A simple process change just won't cut it

GDPR legislation demands an organisational shift across all departments, from legal to sales and marketing to IT. And the fact is that simple process change won't quite cut it. Even with digital platforms such as Facebook, followed by many other businesses, moving quickly towards an educational approach with their customers on revised data collection and privacy policies. It is still surprising to learn how complacent the majority of individuals and businesses remain when it comes to data security.

The good news is that there is an evident rise in employees understanding their role in protecting data and who are aware that privacy issues are a very real risk now that GDPR is firmly in place. Despite the challenges ahead, it appears IT professionals generally support the regulations, with 65 percent of UK respondents of a Spiceworks survey saying they are in favour of the GDPR.

For any business, building a GDPR framework will be an ongoing process that begins with induction and education. This should be reinforced routinely and whenever any data protection issues occur. From creating personalised staff awareness workshops to investing in business automation and data protection solutions, there are many ways a company can raise awareness and create a robust framework for the compliance.

As the saying goes, Rome wasn’t built in a day, therefore, GDPR cannot be a process that is shaped overnight. It requires a long-term commitment to cultural change, continue to educate and be vigilant; the entire organisation has to be on-board with responsible and compliant collection and treatment of data. 

Though, it’s important to remember that with change comes opportunity. The businesses of the future will approach GDPR mandate as a chance to reimagine compliance and prove their business can succeed. Those with foresight will grab the best opportunities.

 Article by Unit 4 A/NZ country manager and sales director Chris Tithof.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.