Story image

How every business can benefit from GDPR compliance

18 Jul 18

GDPR regulations are transforming the way businesses operate both online and offline around the world. While most organisations can find the road to compliance expensive and complex, the long-term opportunities are plentiful when the process is managed in the right way. This involves rolling up sleeves, diving deep into data protection and changing the way that teams and individuals think about personal data.

At its very heart, GDPR is all about protecting customer and employee data. It requires organisations to adopt stricter protection policies, to document how they store, use and share personal data and review data governance principles regularly to ensure compliance. In essence, companies will not only need to manage huge volumes of data but also enable a cultural shift in order to ensure the door remains locked to breaches and a solid reputation remains intact.

Opportunities to build consumer engagement while saving costs

There are many misconceptions when it comes to GDPR. New data privacy culture has become one of the most intricate debates happening around the world as it weighs notions of ethical and professional practice. How an organisation deals with GDPR compliance will depend on how it is utilising data, the industry it is operating in, and how and where that data is stored.

For GDPR compliant companies, the opportunities and competitive advantages are clear. Not only will they avoid the hefty penalties inflicted for non-compliance, but they will be well on their way to building authentic, transparent relationships with customers and a more people-centric business.

In a survey with 1,000 UK consumers, 62 percent said their confidence about sharing data with businesses has been improved by the incoming laws. In the same report 80 percent of consumers would be very or moderately comfortable with sharing data about their interests for marketing purposes.

While consumers are clearly aware of the drastic changes that are happening within companies, they’re also recognising the shifts in regulations are in fact to enforce cybersecurity and privacy. On the other hand, for a business, by implementing the right compliance design principles and collecting only relevant data, they can streamline and eliminate data storage and collection processes, prevent data breaches and cyber-attacks, and reduce costs significantly.

A simple process change just won't cut it

GDPR legislation demands an organisational shift across all departments, from legal to sales and marketing to IT. And the fact is that simple process change won't quite cut it. Even with digital platforms such as Facebook, followed by many other businesses, moving quickly towards an educational approach with their customers on revised data collection and privacy policies. It is still surprising to learn how complacent the majority of individuals and businesses remain when it comes to data security.

The good news is that there is an evident rise in employees understanding their role in protecting data and who are aware that privacy issues are a very real risk now that GDPR is firmly in place. Despite the challenges ahead, it appears IT professionals generally support the regulations, with 65 percent of UK respondents of a Spiceworks survey saying they are in favour of the GDPR.

For any business, building a GDPR framework will be an ongoing process that begins with induction and education. This should be reinforced routinely and whenever any data protection issues occur. From creating personalised staff awareness workshops to investing in business automation and data protection solutions, there are many ways a company can raise awareness and create a robust framework for the compliance.

As the saying goes, Rome wasn’t built in a day, therefore, GDPR cannot be a process that is shaped overnight. It requires a long-term commitment to cultural change, continue to educate and be vigilant; the entire organisation has to be on-board with responsible and compliant collection and treatment of data. 

Though, it’s important to remember that with change comes opportunity. The businesses of the future will approach GDPR mandate as a chance to reimagine compliance and prove their business can succeed. Those with foresight will grab the best opportunities.

 Article by Unit 4 A/NZ country manager and sales director Chris Tithof.

Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
How blockchain will impact NZ’s economy
Distributed ledgers and blockchain are anticipated to provide a positive uplift to New Zealand’s economy.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Review: Blue Mic’s Satellite headphones are good but...
Blue Mic’s newest wireless headphones deliver on sound, aesthetic, and comfort - but there is a more insidious issue at hand.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Forcepoint and Chillisoft - “a powerful combination”
Following Chillisoft’s portfolio expansion by signing on Forcepoint, the companies’ execs explain how this is a match made in cybersecurity heaven.
David Hickling in memoriam: “Celebrate the life and the music it made”
Dave was a well-respected presence in the IT channel and his recent death was felt by all the many people who knew him as a colleague and a friend.