The GDPR deadline of May 25th came and went, and so far, there have been no massive fines, companies being forced to close their doors, or other signs of the impending collapse of our digital, capitalist society.
As always with new regulations there have been some overreactions – a Church of England priest apparently told his congregation that they could no longer pray for anyone who hadn’t given their written consent. A similar misunderstanding saw a school ban parents from putting their children’s’ names on their bags.
But for most of us, life has continued pretty much as it was before. With one important difference; data requests.
It’s time consuming to remain compliant
Since May 25th businesses are claiming to have been inundated with requests from people asking what data the company holds about them or exercising their right to be forgotten. Due to the large amounts of information they hold, technology and media companies, retailers, and banks have unsurprisingly been hardest hit by consumers, but smaller companies are handling lots of requests too.
A new survey from Gemalto on data security confidence sheds light on why many companies are hitting difficulties. 65% of companies say they have too much data, while 54% don’t know where all sensitive data is stored, meaning they cannot retrieve it when a data subject makes a request.
More damningly, 68% admit to still not knowing what they need to do to maintain GDPR compliance, with 59% failing to carry out required compliance procedures. Being compliant by May 25th this year was difficult enough for most companies, but that was just the start.
Focus on data for business improvement as well as compliance
The most difficult part of maintaining GDPR compliance is getting your company’s data in order. This is exactly what companies need to do to improve business performance anyway.
Most businesses hold vast amounts of information about their customers. Not just transaction and contact data, but also meta data around their online activity.
Putting this all together into a single customer view enables you to craft the perfect personalised offer, anticipate a cancellation or service issue and nip it in the bud immediately, or send the right communication at just the right moment via the right channel.
Get compliant and get smart with data discovery
To respond in a timely and efficient manner to GDPR data requests, a company needs to find out where all the personal data it stores is and then catalogue it so that it can be found again when needed.
This means finding every instance of data you hold about people called, say, John Smith, separating that out into all the different John Smiths, and then tagging it so that if one particular John Smith makes a data request you can easily retrieve all the data that relates to him, and just him.
The goal is to end up with an indexed copy of all your data, so no matter where data is held across your IT infrastructure it can be accessed as if from a single location. This gives you a portal for accessing all your data about any individual customer which can be kept up to date by regularly running the discovery and cataloguing processes on newly acquired data.
When it comes to GPDR requests, staff can use this system to quickly find and package the data they need.
A single customer view
The data inventory you use to maintain GDPR compliance is also an incredibly powerful business improvement, sales, marketing and customer service tool. It is, essentially, the single customer view that has been the goal of customer experience professionals for many years now.
Sales, marketing and other customer engagement staff can use this rich data to improve service and better target and personalise offers. In the contact centre you can manage multi-channel interactions without asking the customer to repeat information; route customers to the right team or person; proactively head off service issues; personalise upsell, cross-sell, and renewals offers; and identify the best customers to find more like them.
Geoff Land is Managing Director of Infinity CCS. He previously held senior positions at Bright Star Communications (Saudi Arabia), founded Inspire FZE in the United Arab Emirates and has held a number of local and international positions at Nortel Networks. When Geoff is not travelling around the world he lives in Monmouthshire with his family and enjoys walking and working on his property.