Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

GDPR - Why it matters and how to make it Easy


Published on

Looking at the rationale for the new #GDPR Data Regulations, the principles behind the regulation, how this impacts #CRM, and how to make compliance easier.

Published in: Data & Analytics
  • Login to see the comments

  • Be the first to like this

GDPR - Why it matters and how to make it Easy

  1. 1. GDPR – Why is it important, and how do we make it easy? 15th May 2018
  2. 2. Why is GDPR important.. The Data Wild West?
  3. 3. • High Profile failures where organisations have given little consideration to their Customers Data • Data Breaches have been ignored • More important for a company to protect it’s reputation than it’s customers • Problems • Ignores growing concern with the Tech industry • Playing fast and loose with customer data is going to be worse for reputation! Why is GDPR here?
  4. 4. • What's changed? The value of data. • Big Data, Machine Learning, and in the future AI are making data more powerful. • Public Perception of the value of data is rising • But perception of data misuse and lack of trust is also rising • Companies need Data Policies that provide Customers with guarantees, and not an ‘anything goes’ mentality • This does not have to be difficult! Why is GDPR here?
  5. 5. “This is not the end. What you may see is the company (Facebook) putting in place a set of policies to return confidence to their handling of data and distance itself from certain third parties. I think this is the end of the ‘We are just a platform’ argument. It is increasingly clear now that the company needs to take more responsibility for how it is used.” Ed Macnair, CEO of security firm CensorNet on FaceBook Why is GDPR here?
  6. 6. • GDPR Compliance – is about security but is not inherently system led • True Compliance is about changing our approach to data • Put Customers and other contacts at the heart of how we do business • Data Transparency   Customer Centric • Being Customer Centric Business is as much as an Opportunity, as being Compliant is a Responsibility. What do we do..
  7. 7. • At heart, the concept behind GDPR boils down to one simple rule Our Customers own their data, not the companies who happen to be holding it. • This gives Customer’s additional rights in the digital age: • Right to Access • Right to be Forgotten • Right to expect data to be stored securely • Right to Portability • In some ways, this is not a vast change from the previous DPA but the underlying principle of Data Ownership has changed. What does GDPR mean for us..
  8. 8. • CRM is all about User Adoption • Getting your users to work in ways that benefit the organisation and efficiency of the business • This typically takes the right platforms or tools • The same applies to GDPR • Implementing processes that are easy to adopt and so easy for your teams to make the business compliant with GDPR • People will make a business compliant, not systems How does this intersect with CRM
  9. 9. • Unstructured data - organisations store documents, spreadsheets and other unstructured information that is difficult to audit. • Email – sending out data over email can be a data breach. • Lack of Documentation – having a clear structure of how we store data. • No Data Access Rights – hierarchy of needs for data. • Roles and Responsibility – having clear roles internal and 3rd party for who manages data at your organisation. Risks of GDPR
  10. 10. How we do it.. Security Tools Knowledge
  11. 11. • Awareness of the data you store and where it is! • Organisations should have a Data Audit that informs of where and how data is stored. • Your Data Real Estate should be well managed storage • Organised and not a ‘blob’(no more network drive?) • Able to evidence trust that you are storing data securely. • Cloud Services, Hosting + Business Analysis Security
  12. 12. • Data Audit – models the data we hold. • Structured Data – Databases and other Line of Business Systems. • Unstructured Data – Documents and Emails • Secured Storage – only as compliant as your weakest link. • Internal Responsibility – knowing your internal scope • External Responsibility – using the right providers with well understood scopes. Security – how to..
  13. 13. • Have the right tools so your staff can implement your processes • Ease of use to promote a compliance culture in the business • Allows a business to work compliantly more easily, and not a headache or an extra burden • Empowers your staff rather than sap their time by making compliance a hurdle. • Avoids building mini data islands! Tools
  14. 14. • Tools that promote Structured Data over Unstructured – ability to tag documents and emails with Metadata • Data Minimalization – Allow you to minimise the volume of data you hold. • Avoid Copy and Paste – Tools that avoid copies or downloads of data that enlarge your Data Audit. • Communication Tools – email has it’s place, but not for everything. Tools – how to..
  15. 15. • Know what you don’t know • Ensure you have the right people for advice as needed • Be able to deliver innovation in your business to meet the changing demands of the data economy • External Providers to fill the gaps • Ensure you have the right level of Trusted Partner vs Tech Support Knowledge
  16. 16. • GDPR can be easy, it’s not the ‘big bad’ • But it is a cultural change • And it will only get more important with time.. •Q & A In Closing
  17. 17. GDPR Subject Access Requests in Dynamics gdpr-requests.aspx