Businesses should look beyond compliance with new data regulations to ensure that their business processes and models are in line with future requirements, advises a privacy innovation expert
Collaboration across business units is vital to compliance with the European Union’s (EU’s) General Data Protection Regulation (GDPR), according to Katryna Dow, CEO and founder of life management firm Meeco.
“Too many organisations have approached GDPR compliance as something that can be fixed by legal teams putting something in a policy document, which is just not the case,” she told Computer Weekly.
However, with the increased sense of urgency that is emerging because the GDPR compliance deadline of 25 May 2018 is just over six months away, Dow said some boards and senior executives are beginning to understand that the impact on their business is more far-reaching.
“This is about a convergence of consumer identity, identity and access management, marketing and personalisation, which requires access to more data, and the pressures of digital transformation in the context of a new regulatory framework,” she said.
The challenge facing many organisations, said Dow, is integrating those four streams of work around the customer. “This is one of the key things that senior executives really need to understand,” she said.
If organisations are dealing only with the legal aspects, there will be unexpected impacts on marketing and personalisation, said Dow.
“Similarly, if they are just dealing only with marketing and personalisation, they are likely to have a compliance issue, and if they are looking only at identity, there may be an unexpected impact on what they are trying to do from a digital transformation point of view,” she said.