GDPR: it’s not all bad

I have read many articles relating to the General Data Protection Regulation which focus on the hardship this regulation will impose on organisations.

The General Data Protection Regulation (GDPR) also presents opportunities to review and optimise how business collects, stores, shares, analyses and processes data. These opportunities, if taken, will deliver greater business efficiency while reducing risk.  

Data and process review 

The sheer volume of data generated by today's organisations is ever increasing. The GDPR requires organisations to review all data handling and processing procedures. It presents an opportunity to study and map organisation wide data flows. Organisations will have an opportunity to restructure and streamline existing processes, not only for compliance but also for business efficiency. Again, such a review must be viewed as a positive, worthwhile exercise, regardless of the obligation to do so under the GDPR. 

Writing in the Harvard Business Review in September 2017, industry expert Dr Tom Redman and his colleagues in University College Cork's (UCC) MSc in Business Data, highlighted their research that had found that less than 3% of data in the organisations they studied met basic data quality standards. It was either inaccurate, missing required values, or just plain crummy data. 

The GDPR sets out new responsibilities regarding personally identifiable information (PII) data. Organisations will be required to identify all PII data, determine how to optimally store and process it and make decisions on its continued use and retention. This presents another opportunity for organisations to break down internal data silos, consolidating data where possible, ensuring that the organisation has a 360-degree view of customer and employee data. These deeper data insights will give organisations a competitive advantage and help increase revenues. 

"Putting in the right model of response for GDPR can also help your sales cycles. Research recently published by technology company Cisco found that nearly two-thirds of organisations experience sales delays due to customer data privacy concerns." 

Privacy by design 

A key change brought into the GDPR is that of 'Privacy by Design'. Organisations are required to consider data privacy during design stages of all projects along with the lifecycle of the relevant data process. Building trust through transparency must deliver better business outcomes. As consumers develop trust in an organisation, they are more likely to provide the organisation with more data. The converse, however, is also true - a lack of transparency, inadequate data processes, and ambiguous messaging will risk the customer’s willingness to share their data.

Visit www.lextech.ie for more information.

About Ogier

Ogier is a professional services firm with the knowledge and expertise to handle the most demanding and complex transactions and provide expert, efficient and cost-effective services to all our clients. We regularly win awards for the quality of our client service, our work and our people.

Disclaimer

This client briefing has been prepared for clients and professional associates of Ogier. The information and expressions of opinion which it contains are not intended to be a comprehensive study or to provide legal advice and should not be treated as a substitute for specific advice concerning individual situations.

Regulatory information can be found under Legal Notice