With the May 25th, 2018 deadline to get GDPR compliance into effect, enterprises are busy evaluating their data collection, usage, and storage. The penalties for non-compliance are severe, which is why enterprises do not want to be on the wrong side of the law.
There’s also an expectation that the Information Commissioner's Office (ICO) is looking to make an example of companies that breach the law. Add to that, the fact that firms have to incur additional expenditure to realign their data security practices to GDPR guidelines.
All this combined has made GDPR seem like a threat to enterprise operations and revenues. In fact, there have been several instances of companies deleting their entire email database, just so they do not have to bother with GDPR compliance.
But maybe there is a silver lining in all this.
Here’s a look at the opportunities GDPR presents for different enterprise teams:
Data Security Teams
Large enterprises often collect personal data across several touchpoints: marketing, billing, legal, HR and more. Often there’s no single place where all this data is stored, or no standardized security measures around the data collected by different departments.
With GDPR, enterprises now have to re-evaluate all this data. That’s the chance for the data security teams to tighten the ship. They can set up efficient systems that help legally collect and store data. They can also train departments on how to handle and use the data while ensuring compliance.
As these systems are put in place, enterprises will also become more transparent with their customers. And that could become a huge differentiator for their brand, earning greater trust and consequently more business.
For global enterprises, marketing is the one area that’s really feeling the heat with GDPR. They are having to review entire contact lists, trying to figure out how each contact got into their database. And whether they have documentation to show that contacts opted in.
But the fact that GDPR is forcing marketing teams to closely adhere to people’s preferences for receiving communication, is what makes it an opportunity. Here’s how:
Without the option of mass mailing contacts from a haphazardly curated list, they now have to create valuable content that people actively want to receive
Their forms now have to reveal why they are collecting personal information
They have to document consent through opt-in emails, rather than just giving them an option to opt-out later
This puts a stop to bad marketing practices. And also makes sure you get greater returns on your marketing efforts, by communicating with people who have explicitly expressed interested in hearing from you.
For enterprises in industries like IT, AI, IoT, and business intelligence, GDPR presents a huge opportunity for innovation. They can launch new products and services that:
Help companies assess their security standards and GDPR readiness
Offer end-to-end change management while establishing systems of compliance
Collect and interpret customer behavior data without having to rely on personal information
The demand for these is huge, and enterprises that can launch fast will swiftly consolidate their share of the market.
Viewing GDPR as an opportunity might not come easy for enterprises. But let’s put it this way: enterprises have to make changes if they are to ensure compliance. And that will be easier to do if they know there are actual benefits for them, rather than just avoiding fines.