By now it’s pretty safe to assume that most organisations are at least aware of the General Data Protection Regulation (GDPR). Industry trends show a mixed picture in terms of how prepared businesses are for May 2018 when it comes into force, so if you’d like to find out more I’d recommend reading our own guide and the ICO’s 12 steps to take now.
At Experian, we firmly believe the GDPR presents a positive opportunity to transform the way you organise and process your data; increasing the value you derive from it and reinforcing customer-centric business practices that are essential in our data-driven age.
I’m going to explore some of those opportunities below but before we kick off, it’s worth briefly highlighting how the GDPR is different to the existing Data Protection Act 1998, under which all UK businesses currently operate.
As the world has become digital we have seen a radical shift in the volume, variety and the speed of data that is produced. The European Parliament and the Council formally adopted the GDPR in April 2016 to address these changes in how our data is used and keep pace with changing technologies that are unlocking more data.
What’s particularly key is that the GDPR puts the focus squarely on protecting individuals and their data. This has also been intentionally agreed as a regulation (as opposed to another directive) which means it will be a single piece of legislation directly applicable across all EU member states.
It includes a number of new and increased obligations that businesses will need to adhere to, particularly around improving customer trust. Of course, some aspects of the regulation will pose challenges and much attention has been placed on the fines for non-compliance, but I think it’s really important to recognise that there are also most certainly worthy ‘carrots’ which organisations should grab with both hands. Here are eight of those benefits that I think best illustrate why there’s every reason not to delay as the deadline approaches.
Tighter controls on data gathering and easier consumer opt-out processes will keep data cleaner and more useful. You’ll get high quality, better qualified datasets from which you can more easily link data attributes to get a complete view of people and ultimately drive more accurate analysis.
If your audience has more control over how you communicate with them, then it’s more likely that you’ll create greater engagement. Target and align messages to those people and you should improve ROI as marketing efforts and budgets need only be spent only on those who are engaged.
Great customer experiences are created when they are personalised to the audience. Improved data management processes give access to a more complete view of that audience around which you can build user experiences that will resonate and meet their needs.
Under the GDPR consumers should know exactly what they are signing up to and what they can expect from you. That means you will only be engaging with genuinely interested customers and cutting down on waste. Also, having organised, relevant and usable data can drive greater operational efficiencies by reducing lengthy manual processes.
The new regulatory environment requires businesses to really interrogate the way they hold data and think hard about how they use it. First and foremost, the consumer’s interests must be upheld so the GDPR provides organisations with a clear incentive to create transparency. This plays a huge role in building trust and confidence. This increases the onus on businesses to earn that trust when it comes to managing people’s data.
Building trust through transparency will deliver better business outcomes. As consumers develop trust in an organisation they are more likely to provide more data in order to take advantage of added value to them e.g. in the form of more targeted advertising, personalised content, and value-add financial services. The opposite however is also true - a lack of transparency, poor practice, and unclear messages will do more than damage a reputation – they will jeopardise the consumer’s willingness to share their data in future.
Developing robust practices around data management for continuous data protection helps you to safeguard your reputation by ensuring customer data is secure and well-maintained with regular cleansing and suppression. It’s also the case that having clean, good quality data improves your ability to respond quickly and efficiently to customers in an event such as a data breach - another requirement of the GDPR.
Designing services and systems that put the consumer firmly in control and which build in privacy and security, provides an excellent platform to enable new technology and innovation that drives value for both businesses and consumers.
Although daunting, the GDPR should be seen as a chance to transform a business for all the right reasons. Its provisions promise to enforce responsible data practices that can only improve relationships with customers. I would encourage businesses of all shapes and sizes to take the opportunity that this moment brings. Now is the time to create a truly consumer-centric approach to data governance and strategy, and to secure your customer’s place at the heart of your data powered future.
If you’d like to find out more about how Experian can help to support your journey to GDPR readiness, read more about our solutions here. And if you’re not sure where to start, a GDPR data assessment can be a good way to define some of the key focus areas.
Please note that while we can support businesses with their preparations for the GDPR, we cannot offer legal counsel or compliance advice.