Compliance: The Final Frontier

A Guide to Data Privacy in the Era of GDPR, Part IV

Our three previous blogs have delivered you to the shore of a new world – one where consumers can see and control what happens to their digital presence, and where companies are expected to actively protect, serve, and empower them. You’re on the cusp of compliance: you’ve built the necessary policies and processes, and have cultivated a compliance-positive culture within your organization. Stepping onto that shore is stepping into the future, and the future is where true compliance lies.

So far, our focus has been on making material changes to your business. But we have approached them as point-in-time efforts; we didn’t pay much attention to the living nature of the future work they represent.  The new concepts of data protection and compliance live and breathe.  They evolve over time, which means that your company, and everything you’ve just built, needs to as well.

So how do you meet this challenge?  How do you stay compliant?

In the simplest terms, there are three aspects of GDPR, CCPA, and beyond that need constant focus and care:

  1. Co-managing consumer data with your partners
  2. Assisting your partners with their compliance practices
  3. Keeping your business in sync with new and evolving laws

We’ll delve more deeply into these topics in the SIGMA Insight, but I still want to emphasize their importance here.  If your efforts stop at your company’s border, and only your link in the data chain is strong, then you and all your partners won’t achieve compliance.  This is an opportunity for your company to become a leader in the space.  That’s what we have done here at SIGMA.

Your company must provide a guiding hand to all your partners. Test and question their practices, suggest improvements, and be firm when you need to.  It’s okay – and, in fact, a recommendation of the GDPR – to refuse to work with partners who can’t or won’t follow these laws. Lead by example and share what you know, and if necessary, flex your muscles at contract time. Make it known that you’ll only partner with companies who take consumer protection as seriously as you do, and who are always trying to be good digital guardians of the consumer information we know to be dearest.

When it comes to actions you take on behalf of a consumer, make sure you share what you’ve been told to do, whenever you’re told to do it.  Keep an open hotline to your partners, and again be a leader who ensures that everyone works in concert when there’s a data task in the offing.

Finally, and as important as anything we’ve done on this journey, keep your eyes and ears open for everything new that’s coming. In January 2020, you’ll be compliant with 2018 GDPR and ready for CCPA 1.0.  But you need to be ready for the possible 2020 and beyond GDPR revisions, CCPA 1.5 and 2.0, and whatever new state, federal, and world laws are announced in February, June, and December. Keep your data protection team activated, and be ready to leverage everything you’ve already learned to keep yourself ahead of the curve.

Thanks for taking this journey with us. Be sure to read our upcoming SIGMA Insight for an in-depth look at all things GDPR and CCPA, and how your company can join SIGMA as champions of consumer data protection.

Knowledge is Power

A Guide to Data Privacy in the Era of GDPR, Part II

When last we left you, you were staring into the jungle of data protection laws known as the GDPR and CCPA. The question at hand was where to begin.

Charting a path through unknown territory, especially with these laws’ high stakes, seems like a daunting task. By reading this far, you’ve developed a sense of what’s ahead, and understand that making these changes is not going to be a quick weekend effort. But without a map to guide you, you can’t see your way to success. That said, it’s impossible to craft a good one right out of the gate; you’ll build your map as you head toward complete compliance. It all depends on your organization’s current state.

As the title of this post suggests, knowledge is powerful. You’ll need to thoroughly understand your company’s systems and practices to complete the hard work ahead. That’s how you should frame this first part of your data protection work: a survey of the terrain, and a discovery of what you don’t know about the consumer data in your care, and the structures that support it.

Think of it as an audit, but with a focus on system security, access privileges, and data sharing. Start by examining everything. Involve your IT teams, your security managers, your data analysts and more. Get to know exactly how your company works, and then document it. Because that’s the map you actually need, and the foundation for the work we’ll talk about in our next post.

Stay tuned for part three of this blog, and SIGMA’s upcoming Insight on the subject.

Adam Smith Speaks at the ABA Bank Marketing Conference

Check out Adam Smith delivering a great presentation on “Data and Machine Learning Worth your Time and Money”. Adam gave this speech at the American Banking Association’s 2018 Bank Marketing Conference in Baltimore, Maryland on September 24th. In this video he explores such customer segmentation, customer profiling and predictive modeling. He, also, wrote this blog on the same topic.

 

 

Please like and share the YouTube video and/or subscribe to our channel for great future videos and clips like this.