In May 2018, the General Data Protection Regulation (GDPR) will take effect, requiring all organizations to be compliant. While the principles of accountability and transparency have previously been implicit requirements of data protection law, the GDPR’s legal emphasis will be crucial for both businesses and organizations operating across borders in today’s digital economy.
How will you balance providing a seamless customer experience with the increasing responsibilities in data privacy and security?
As we continue to see an increasing number of high-profile data breaches, brands are recognizing the long-term impact a data breach can have: a loss of consumer confidence, not to mention massive financial implications.
Vigilance is the key. From the vendors you choose to work with, to the policies and procedures in place, here are five steps to jump-start your data governance strategy and ensure successful integration across your organization.
STEP 1: Due Diligence
Audit data flows to determine who has access and where data is going.
STEP 2: Data Inventory
Build a data inventory to understand what personal data your organization collects, where it is stored, how it is protected, and who may have access to it.
STEP 3: Build Controls
Develop policies and procedures to provide clear and accurate notice of data usage both internally (policy and process) and externally (notification and terms and conditions).
*Ensure employee training across the entire organization.
STEP 4: Data Governance Panel
Work across the organization to activate against internal processes for both business and technology teams to move forward.
Business Team | Technology Team |
Communicates with Technology on: | Communicates with Business on: |
STEP 5: Provide Clear and Accurate Notice
Ensure transparent and explicit consent (opt-in) and communicate usage across the organization, customers and vendors.
In an era when providing a personalized experience is paramount, customer data can be vulnerable to many outcomes. Organizations must be proactive to mitigate the risks that could potentially expose sensitive information. There are five ways to promote an organization-wide tenor of consumer confidence and to ensure that the value exchange of data is safeguarded. From a vendor standpoint, data should be audited to determine who has access and where the steady flow of information is going. The strategic parameters for your business and technology teams must be defined. Building a data inventory to understand what personal data your organization gathers is essential. Where does it live? Who in the organization has access to that information? And what kind of data is it: first-, second-, or third-party? Organizations should develop the policies and procedures that provide built-in controls for the usage of that data once it is defined for each case. Make sure that the vendor is working hand-in-hand with you to reach a level of business expectation that serves the customer experience. What’s in it for everyone? Lastly, ensure transparent and explicit consent for the use of that information and communicate usage across the organization, customers, and vendors.
Learn more about how to make sense of the current legal landscape and how to provide these safeguards to your customers in our webinar: 5 Steps to Building your Data Governance Plan.
Download our Data Governance Checklist: 5 Steps for Balancing Customer Experience with Privacy & Security.