25th May 2018. This is the date that many Data Protection, Governance, Compliance and Marketing people have got pinned up above their desks – in fact many different job roles in organisations of all shapes and sizes are involved in preparing for “GDPR Day”.
We believe that the GDPR presents a great opportunity for organisations, but with less than a year to go before the EU GDPR regulation enters UK law via the Data Protection Bill announced in August 2017, there is still lots to do.
As May 2018 approaches the EU General Data Protection Regulation (EU GDPR) is moving quickly up the agenda of most businesses. It’s also establishing an increasing presence in the mainstream media as consumers become more tuned in to what it means for them.
Wherever you are in your GDPR journey, an absolute must is having a good appreciation of the basic elements of the regulation so that you can plan accordingly. As a useful summary I’ve listed six important elements below, extracted from our whitepaper ‘Defining the data powered future’. I’ve also included some important areas of consideration for each which may help to focus your planning. Of course, it’s by no means exhaustive and we’d always recommend referring to the ICO for more detail.
Banks and Financial Institutions are by now well versed with submissions to regulators both national regulators and to European Central Bank. However the launch of Anacredit regulations, brings a new dawn to the granular level of submissions to the regulators. In a nutshell, Anacredit is applicable for all institutions which has more than EUR25,000 credit risk exposure to a counterparty. No other regulation by ECB has mandated such a granular level of data requirement by financial institutions.
At Experian, we firmly believe the GDPR presents a positive opportunity to transform the way you organise and process your data; increasing the value you derive from it and reinforcing customer-centric business practices that are essential in our data-driven age.
I’m going to explore some of those opportunities below but before we kick off, it’s worth briefly highlighting how the GDPR is different to the existing Data Protection Act 1998, under which all UK businesses currently operate.
It is still difficult to comprehend that one in five businesses of all sizes has experienced a data breach in the past two years (21%). Our latest research (carried out by consultancy company ComRes) has shown this.
The impending GDPR is ready to impact every organisation that deals with Europe. The penalties are big, so preparation is key.
A core theme of the European Union’s General Data Protection Regulation (GDPR), which is to keep consumer interests front of mind at all times, mirrors sound fundamental advice for all companies.
Any company, small or large, depends on its customers for business – and therefore success. They’re the lifeblood. And yet, our research has revealed that in the event of a crisis, specifically a data breach, businesses can become introspective and (unintentionally) put their interests ahead of their customers.
Traditionally, organisations have tackled their SCV requirement through the deployment of an MDM platform. And yet, as Philip discusses in his paper, ‘MDM has always been complex, costly and time-consuming to implement’ and so not necessarily, therefore, in tune with modern business requirements. Layer in an increase in regulation and we have a perfect storm of reasons for organisations to seek an alternative route.
So, what options are there for organisations looking to keep costs to a minimum or take a more agile approach to developing an SCV?
The impact of the GDPR (or the General Data Protection Regulation) on data strategies is rapidly coming into focus ahead of the 25th May 2018 deadline, the date on which it comes into force.
With this in mind, I thought it would be useful to take a look at one particular element of the GDPR that is going to present both opportunities and challenges for businesses. That element is the right to data portability.
If you saw my recent Global Data Management Research highlights post you’ll be aware that there are some pressing issues that organisations are up against in 2017. I was delighted therefore to have the opportunity to explore some of these issues further in a feature article on IT Pro Portal. You can see this below or visit the site to read it along with a wealth of other data-related market perspectives.
Copyright ©, 2014-2017. All rights reserved.
Experian Ltd is authorised and regulated by the Financial Conduct Authority. Experian Ltd is registered in England and Wales under company registration number 653331.
Registered office address: The Sir John Peace Building, Experian Way, NG2 Business Park, Nottingham NG80 1ZZ.