Next Gen CMI

GDPR – Think Beyond Compliance

 
June 28, 2018

Much has been talked about the repercussions of failing to comply with GDPR. But, is GDPR only a problem or does it offer a few opportunities too? Well, the real problem may be that we haven’t viewed GDPR with an open mind – let’s explore.

GDPR, the General Data Protection Regulation, is a comprehensive set of regulations governing the way organizations use their customers’ personal data. It applies to all enterprises, within or outside the European Union (EU), that store or process data of EU residents. The regulationrequires firms to transform the way they manage data, failing which they are liable to be fined up to 4% of their annual turnover.

As GDPR came into effect on May 25, 2018, organizations are scampering to ensure compliance. While the operational implications and compliance to the deadline need to be the immediate focus, organizations must also start looking at the long-term impact of the legislation. Although GDPR poses a significant disruption to business operations in the short term, it also presents a few opportunities in the longer term.

As the world becomes more digital, businesses and, to an extent, everyday life depends on data. Data is the lifeblood of organizations and GDPR underscores a vital characteristic of managing data-driven businesses – ‘The way an organization uses data affects its brand and its relationships with customers.’ In doing so, GDPR helps organizations develop data-centric and compliant products, services, and business models, and strengthen trust with customers.

Here are some potential opportunities that firms can tap into while ensuring regulatory compliance.

1. Innovative partnerships: GDPR presents organizations with an opportunity to forge innovative partnerships with customers. Since the regulation passes the control of data back to the customers, it enables an ecosystem where the consumers and businesses can co-create products and services. Once customers see the benefits of new products and services, they would participate more effectively in the development process.

2. Improved brand halo: Customers tend to be more loyal to service providers who take data protection seriously. With privacy at its core, GDPR mandates that enterprises address customers’ privacy needs and concerns, thereby gaining their trust. This improved trust relationship, in turn, helps organizations improve their brand reputation, paving the way for rapid business growth. For instance, companies that are GDPR compliant can highlight it as a differentiator in marketing campaigns.

3. Enhanced operational efficiency: To comply with GDPR, organizations need to be aware of the entire journey their data undergoes- starting from the sources it comes from to what business need it helps achieve. This may need organizations to clean up and transform their existing data landscape which can, in turn, boost operational efficiency. Moreover, in adhering to the ‘right to be forgotten’ policy of the GDPR directive, companies can considerably reduce the size of their data lakes.

4. Improved quality and reliability of customer data: Traditionally, organizations have been inferring customer attributes from a mix of first- and third-party data sources. GDPR, by placing the control of personal data with customers, provides an opportunity for enterprises to design interfaces that can facilitate the process of collecting customer data, in real time, with their consent. This process of collecting data from a single, authoritative data source can have significant benefits including reduced costs for data cleansing and improved target marketing. According to a recent survey92% of marketers depend on better data to run their targeted campaigns.

5. Improved tech stack: Getting data in order for GDPR compliance encourages organizations to replace legacy IT systems and adopt newer architectures that help make their landscape more agile and robust. In a survey conducted among enterprises in the UK, 37% of organizations are confident that their general IT capabilities will improve as they seek to comply with GDPR.

In all, GDPR helps organizations ‘reset’ how they collate and use data from their customers. It will prompt new ways of thinking, and bring about more trust and transparency. From data and software management to building customer loyalty, GDPR is ‘truly’ a business opportunity.

Tags

Deepika Chander is a business analyst with TCS’ Communications, Media, and Information Services (CMI) business unit. She has over 9 years of experience in various roles across BFS and CMI domains. During her BFS stint, Chander has been involved in the design, development, and implementation of mobile banking platforms at leading financial services corporations. In her current role, she works on business transformation initiatives in the data services and analytics space for TCS’ CMI clients. Chander has a Bachelor’s degree in Information Technology from Anna University, Chennai, India.