GDPR 1 Year Countdown: Ready or Not?

GDPR 1 Year Countdown: Ready or Not?

Stuart Lacey

Founder & CEO at Trunomi

Investor and entrepreneur with a successful history of founding innovative companies and building remarkable shareholder value. Over 20 years of leadership experience in the C-Suite of global financial and technology markets,with a keen eye for growing successful teams and developing highly innovative solutions and technology platforms. A multiple award-winning Member of the Young Presidents Organization; the Young Entrepreneur’s Council and The Institute of Directors; as well as a graduate of McGill University and the inventor of a number of industry defining patents.

Views 1539

GDPR 1 Year Countdown: Ready or Not?

16.06.2017 07:45 am

In less than 1 year the General Data Protection Regulation (GDPR) will be enforced. If you haven’t heard by now; the GDPR will fundamentally change the way that companies capture, manage and store information of EU Citizens. The primary aim of the regulation is to protect EU Citizen’s right to privacy, give them back control over their personal data, unify privacy regulations across the European Union and increase data trust and confidence in this digital age.

However, despite the potential fines of 4% of global turnover starting in less than year – 25 May 2018 – research indicates that many organizations are behind schedule for compliance. Recent analysis from Oliver Wyman indicates the FTSE 100 companies could face fines of up to £5 billion a year. Had GDPR been in place for the past five years, the consultancy’s analysis shows that FTSE 100 companies could owe up to £25 billion in fines to EU regulators. To put that into perspective, if we thought the recent £400k TalkTalk fine was big – that would have been £59million under GDPR. UK ICO Elizabeth Denham has warned businesses that regulators will be vigilant, and will be looking at “Accountability and data governance… not just investigating data security incidents.” What does this mean? Under GDPR a business must not just be compliant, they must demonstrate and be able to proactively prove compliance.

 

Organizations Unprepared

recent survey from the Direct Marketing Association showed that just over half of businesses say they are on course or ahead of their plans to be ready by 25 May 2018, with a further quarter of companies yet to even start a GDPR plan. Why are so many organizations unprepared? Uncertainty over the applicability of GDPR after Brexit may have stalled preparations in UK. However, as our previous blog highlighted, despite Brexit; ‘GDPR means GDPR’. The UK will still be a member of the EU when the regulation is enacted, and in any event, the extraterritorial nature of GDPR means it applies to any company worldwide doing business with EU citizens. Multinationals are taking notice, a PwC pulse survey asked C-suite executives from large American multinationals about their GDPR plans and found that 77% plan to spend $1million or more on GPDR, with over half of US multinationals reporting GDPR as their top data protection priority. The facts are clear: regardless of location; GDPR must be prioritized over the next year to avoid major financial penalties.

Consent driving customer trust

According to the DMA survey, B2B marketers are the least prepared, and the biggest change they’re worried about is consent. Under GDPR individual data rights are strengthened, with consent as the cornerstone of the customer data relationship. By enabling consumers to withhold and withdraw their consent, GDPR puts a high price on consumer trust. Organizations must review how they seek, obtain and record consent and ensure it is ‘freely given, specific, informed and unambiguous.’ Customers must know exactly what they consenting to and give an affirmative action – silence or inactivity or pre-ticked boxes will not constitute consent.

Looking at fines and consent non-compliance: article 83 of the GDPR states that infringements of the basic principles of processing, ‘including conditions for consent’ can be subject to the highest level of fines (so 4% of total worldwide turnover of the preceding financial year). Marketers are particularly concerned about what new opt-out consent requirements will mean for their organizations, and will mean losing access to customer data.

Consent management technology solutions

My advice? Don’t fear engaging the customer and use GDPR as an opportunity to engage in a trusted, transparent relationship and create new services built on two-way flows of permissioned data. In this digital age; data is the fuel that powers businesses and technology companies should be involved in every stage of the process.

Technology exists that can enable business to evolve to this new data protection paradigm by capturing and immutably recording legal basis for processing customer data (consent or otherwise). In addition, moving to all digital processes not only improves customer experiences but it drives down costs – welcome news to businesses increasingly under pressure to watch their bottom line and compete. Active consented data is more powerful than inactive, stale-dated information and businesses that embrace technology to solve GDPR, above and beyond ticking boxes, will win over those who don’t.

The article originally apeared at: Trunomi

Latest blogs

Martijn Bos Holland FinTech

Making it through the rain: Finance in times of turmoil

You’d need to be living on a remote island, without electricity or internet to not be aware of what the world is going through right now – a medical crisis that has spread across the world and disrupted supply chains, goods and services production, Read more »

James Devoy Sysnet Global Solutions

PCI DSS and Remote Assessments

COVID-19 is obviously changing many aspects of daily life. Some will be short term measures to see us all through these times, although I wonder how many will become more permanent fixtures in our lives. The PCI SSC has provided guidance to allow Read more »

James Booth PPRO

Brave New World: A Futuristic Vision of Payments

Over the last ten years, the retail e-commerce ecosystem has undergone a wide-ranging transformation. As recently as 2010, the e-commerce and payments value chain were relatively straightforward: Any eCommerce merchant could integrate a payment Read more »

Nish Kotecha Finboot

How blockchain could potentially transform global healthcare in the wake of COVID-19

In the globalised world we live in, entities such as the World Health Organization (WHO) have been established to ensure cooperation between different governments on global health-related issues. In the face of pandemics such as the one we are Read more »

Lina Andolf-Orup Fingerprints

Dispelling biometric myths and misconceptions

Gangsters cutting off enemies’ fingers to access secret locations and spies lifting fingerprints from martini glasses - the imagination of the entertainment world has been running wild ever since biometrics entered the scene. Couple that with the Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel