So, May 25 was the date that General Data Protection Regulation – better known as GDPR – came into force.
Remember the Millennium Bug? Computer systems were predicted to crash with the warning that airplanes would come falling out of the skies, there would be drought, famine, thousands of deaths and billions wiped off the markets. Only the Millennium Bug never happened.
The hype and scaremongering around GDPR hasn’t quite reached those levels, but there have been lots of myths being pedaled which got me thinking back to 1999 and the feverish preparations and blunt warnings around the Y2K bug.
Then, it was projected that issues in the coding of computerised systems would cause havoc in computer networks around the world at the beginning of the year 2000 but after all the hype, few major failures occurred.
There was no disaster then, just like there won’t be ruination from GDPR becoming legislation.
May 25 was the start date, and not the end, of GDPR compliance. Organisations need to sustain their compliance processes over time.
Look on it as a journey to GDPR compliance in which you continue and maintain your efforts towards a longer-term goal. Be able to prove that you’ve taken the right steps and be able to document and evidence them. Review as necessary and tap into all the help, support and guidance that is available out there.
We’ve seen much in the media about severe fines that could be imposed for non-compliance, and warnings to businesses that they could lose customers by bringing their consents to the GDPR standard.
All along I’ve encouraged business leaders to consider the opportunities that arise from this legislative overhaul in data protection – I say organisations will have better engagement with customers which in turn will build customer trust.
Every week there is a new story about a company harvesting customer data without them knowing. GDPR is great chance to build confidence and trust and demonstrate robust processes and systems are in place for handling personal data.
Compliancy will highlight your business has trustworthy and ethical practices when it comes to marketing communications and the handling of personal data. Compliancy is going to reinforce and strengthen your credibility with not only your customers but also suppliers and partners.
Think about making the most of the new opportunities, from cleansing databases to building trust.
While GDPR does mean making changes, realigning IT processes around personal data can help with digital transformation and the modernisation of out-of-date processes, ultimately, aligning GDPR programmes with IT modernisation could deliver savings, operational benefits and boost productivity beyond a tick-box exercise of ‘just being compliant'.
Organisations should view GDPR as a catalyst for positive business transformation, rather than viewing it as a hindrance and setback. Despite the popular weight of opinion in the media I was one of those that looked positively towards May 25 and a whole new in for personal data protection.