GDPR – A matter of compliance, or trust?

Michael Clinch

The new General Data Protection Regulation that comes in to play in May is accompanied by some hefty punishments for non-compliance.  For many companies, incurring a fine has been considered a risk worth taking up until now, especially where the cost of attaining compliance is known to be high.  New maximum fines will certainly sway the way some companies think about and approach their data compliance, but with the compliance obstacle large and looming, is GDPR actually being viewed through the wrong lens?

In an often face-less digital customer environment, gaining and keeping the trust of customers has never been more challenging. If any of us feel we can no longer fully trust a company to look after our data then we will likely consider switching allegiance. A company that is not GDPR compliant will have inherent risks that data will be mishandled, misused or used for something for which consent was not granted. It therefore risks more than just a fine.

GDPR is all about giving individuals control over how their data is used. The requirement to gain consent for the use of data gives the individual that control, but it also informs the company about that person’s preferences. Information which, when collected and managed effectively, can enhance the relationship that company has with the individual. Trust can be gained and engagement can be customised to suit an individual’s requirements. 

So, although GDPR is new legislation that demands compliance, it is also an opportunity to revisit how you interact with your customers, and to set off down a rich, and more fruitful path, where you better understand customer needs and the customer’s trust in your brand and products can grow.

Blog Post Image

What GDPR mandates

To comply (or to enhance the trust of your customers), you must first identify the data you need to take special care with; this is basically any data which could be used to identify someone.

You then need to look at how you track and store that data and ensure there are robust processes across the whole organisation. You shouldn’t be doing anything with the data which does not add value for that individual. If you no longer need to hold some data, it should be deleted.

What do you have consent to use the data for? Individuals must be given a real chance to opt-out wherever there are choices in how their data is used. ‘Privacy-by-design’ is a good concept to adhere to whenever a system or product to engage a customer is being considered.

Responsibility for compliance with GDPR does not sit in a Data Compliance Office. It should be shared by every individual that interacts with or oversees a process where personal data is involved. This may require a change in thinking or culture, and is essential to ensure compliance is both achieved and sustained.

Attaining full compliance will require effort, but it should not be seen purely as an overhead. Done well, GDPR is an opportunity to bring value and a shift in thinking that can drive your company forwards.

Why Sysdoc?

Our approach to GDPR was developed in conjunction with our clients, and is grounded in the areas where we excel:

  • Process Excellence.
  • Knowledge and Information Management.
  • Transformational Change.
  • Learning Innovation.
  • Creating Intuitive Documentation.
  • Technical Solutions.

 
We have a track record of managing change and delivering process excellence at some of the UK’s largest companies. We’d love to discuss your GDPR programme with you and provide some more details on our approach to achieving compliance. For more information, or to arrange an initial discussion, please contact [email protected]

Latest blog posts

See all blog posts

Keeping it on the DL - Sysdoc Digital Learning Vlog with Special Guest #VLOG2

Our vlog officially has a name, 'Keeping it on the DL', well on digital learning that is! Sarah Vaughan and Spencer Holmes are back again for our second vlog this year with Matt Nightingale. The wonderful thing we are discovering about these vlogs is that they meander off into different topics and we soon realised the impact it all has on each other. Steering away from the typical Q&A set up, we want to have open discussions with our guest speakers so we can create a meaningful and thought provoking discussion. 

Sarah Vaughan

Is a democratised leadership the ‘new normal’ in a Covid world?

March 2020 saw an enforced move to distributed working which for many organisations was a significant shift from normal operational ways of working.  Whilst over the last few years we have seen organisations increasingly moving to more flexible working models for their staff, these policies have normally been developed by the HR function and, for some, have perhaps been seen as a necessity to comply with legislation rather than a genuine commitment to equality, diversity and inclusion and the richness that ensuring this type of flexibility can afford an organisation in terms of attraction, performance, innovation, improved customer service and staff retention.  Though, arguably, the equality, diversity and inclusion agenda has gained more focus with the recent Black Lives Matter movement which has forced organisations to make some tough self-assessments in this space. What about part-time and flexible working? How many organisations had a significant number of men working part-time or members of staff working 100% remotely? Probably very few.

Gaynor Ratcliffe

Celebrate Certification Day 2020: Sysdoc Graduate, Aimée Le Déaut-Griffin

As a fresh out of university graduate with a Business Studies and Information Management degree (team Loughborough!), I wasn’t quite sure the direction my career would take me. My time at university gave me an overview of everything from Finance to Marketing, including bits of IT and the more I attended Graduate Assessment Centres I realised just how vast the working world was. Sysdoc was just one of the organisations that I interviewed with but after meeting with CEO Clare Hill to chat about the role I jumped whole heartedly into the start of my career with Sysdoc. I recall feeling instantly part of the family, even during my interview, and found the core values of the company motivating. Equally, as a young woman, I found the idea of not one, but two female senior leaders to be inspiring.

Sysdoc