General Data Protection Regulation – compliance threat or transformation opportunity?

As we go into the first full working week of 2018 we have entered the year that the General Data Protection Regulation (GDPR) comes into force. On 25 May 2018 all organisations, of whatever size or industry, will need to comply with the new regulation. A quick online search will give you access to plenty of warnings and scare stories along with some more useful guidance and advice from the Information Commissioner’s Office, but what if you turned the thinking around and look at what opportunities complying with this new regulation could bring?

Working through what your organisation needs to do to comply gives you chance to stop and consider what drives the way your company operates and, as critical as a process or technology, the culture you have and need to succeed in both the short and long term.

At Perago-Wales we take a dual approach to helping organisations comply with the GDPR. Firstly to work systematically through the expectations of the regulation to reach a defensible position for compliance by May 2018 and secondly to look beyond deadlines and processes to the opportunity for transformation of the way services are delivered and organisational culture is embedded.

Both stages of this approach need senior level buy in and engagement. This isn’t a tick box exercise in compliance, to really succeed and build lasting change to benefit customers, users and employees alike, you’ll need to tackle some challenging questions and be prepared to do things a bit differently. So what kind of things do you need to be thinking about? Here’s our top 5 questions for each part of the approach.

A defensible position for compliance

1. Do you know what personal data you hold and where?
2. Would your customers be surprised to know how you use their data?
3. Do your employees and customers trust you to look after their data?
4. Do you really need to use personal data to provide your services?
5. Is personal data vulnerable within your organisation, at risk of misuse, loss or leak?

The transformation opportunity

1. Is there a better way to provide your services?
2. Could digital channel shift improve data flows, reduce risk and improve service delivery?
3. Is your company organised in a way to minimise risk and maximise opportunity?
4. Do you have a culture of openness and challenge?
5. If you were launching your business today would you do things differently?

To build the trust of your users and develop services fit for the 21st century can you afford to ignore the transformation opportunity GDPR can bring? Whatever stage you and your organisation is at, now is the time to be taking action. If you’d like more information, or think that the team at Perago-Wales could support your organisation, then please do get in touch.