Shahzad Ahmad, Vice President Cloud Competence Centre & Data Privacy, Genesys
With high-profile data breaches regularly appearing in media, security and privacy are more visible and important to the general public. The arrival of General Data Protection Regulation (GDPR) is set to heighten this focus but critically, businesses should view the coming regulation as an opportunity to strengthen their customer relationships.
GDPR will change the way that personal data is accessed, collected, used, transferred and stored. The regulation was embraced by the European Commission in April 2016 and will come into effect in May 2018. With significant penalties for those who do not comply, the regulation has already put a microscope on UK businesses, both small and large.
The most talked about element of GDPR is the fine that can be levied for non-compliance: €20 million or four per cent of a firm’s global turnover. While this surely would be devastating to any business, many companies fail to consider the other impacts that come with failing to comply, such as a damaged reputation. A loss of brand trust can be equally as detrimental to the bottom line of any business.
A key issue for businesses of all sizes is ensuring that they are equipped to be accountable for GDPR. With regulation at play with significant ramifications, it’s vital that they empower a team – or in the case of a small business, a point-person – to fully audit and monitor GDPR implementation. This person or team should consider every aspect of how customer data is captured, stored and transferred across borders. Importantly, they should also ensure that all data capture is based on active consent; the days of a pre-filled checkbox to sign up to newsletters are well and truly over.
Businesses that have yet to start looking into GDPR should start doing so now. I highly encourage companies, especially smaller organisations, to seek third-party assistance. Across their data value chain, they should look to companiesthat are market leaders with top notch products and offeringsto assist them.
GDPR will also bring many opportunities to your business.If implemented correctly, GDPR can lead to a paradigm shift in the way that companies organise themselves and approach aspects of the business. By re-focusing on gaining customer consent overly volume metrics like the number of email addresses in their database, brands will be challenged to communicate with their customers in new ways, building deeper, longer-term connections with a more engaged customer base. These connections will lead to higher satisfaction and more referrals, benefiting the brand through revenue generation.
Overall we have seen a significant increase in engagement and communication from our customers on the topic of GDPR in the past six months. It’s clear that the regulation is spurring brands to look closely at the information they ask for, why and how they plan to use it for the good of the customer.It’s an important start but we must all remember that GDPR should not be viewed as regulation with a single deadline. GDPR is a catalyst for change but companies need to understand and treat GDPR as an ongoing process that must be continuously finessed and progressed with time.