Are there four letters presently capable of generating greater fear and anxiety for organisations around the world than GDPR?
The majority of conversations surrounding its imminent arrival strike a tone similar to the way citizens were prepared for nuclear Armageddon during the Cold War. With so much attention focused on potential doomsday scenarios, are we ignoring the positive aspects?
Reducing the cost of storing data
Before the digital era, organisations had a finite capacity for data storage. When the filing cabinet looked fit to burst, it was time to purge the documents that were no longer relevant or useful. As businesses transitioned from hard copies to digital copies, that element of housekeeping was often left behind, perhaps proving there’s truth to the saying, out of sight, out of mind.
But storing data is costly. Then there’s the need to store back-ups of that data. Yet it is estimated over half of all information stored and processed by organisations around the world has unknown commercial value, with at least a third estimated to be redundant, obsolete, or trivial.
To comply with GDPR, organisations will need to know what data they hold, where it is stored, and how long to retain it for. As well as compliance, implementing a data management policy could bring about savings as companies no longer pay for the storage of unnecessary documents.
A competitive edge
The currency for business today is trust. With the media sharing stories of dishonest businesses, high profile data breaches and successful hacks, people need to know they can trust their law firm, bank, car dealership, accountant, and any other organisation or businesses they interact with. Those that can prove their commitment will command a competitive advantage over those that don’t.
Under GDPR, data processors will be just as liable as data controllers for ensuring they are compliant. This means that any third party with access to a company’s data, such as an outsourced marketing firm, will have a competitive advantage over their B2B competitors if they can prove they take the responsibility of securing their clients’ data seriously.
Would you rather focus your communications and marketing endeavours on people who are indifferent or hostile to your efforts, or those who are receptive and interested in hearing from you?
With GDPR, provable consent will need to be explicitly given by the data subject before their data can be processed by the data controller. This data can only be used for the purposes that consent has been given. For example, if a customer makes an enquiry via your website, this doesn’t automatically give you permission to add them to your mailing list. Data subjects will also be able to withdraw their consent at any time. Although this might sound like a barrier to engagement, in the long run it will save money and time by concentrating your efforts on receptive leads.
Although GDPR might seem like a burden, the positive changes will encourage businesses to clean up their client data and focus on building valuable information, leading to savings in time and money, and ultimately better customer engagement and higher levels of trust.