Articles - Privacy - April 30, 2020

Challenges, Fines, and Operational Impacts of the GDPR

admin April 30, 2020

0 664 8 min read

The GDPR, or General Data Protection and Regulation, is going into effect in May 2018 throughout the European Union (EU) and presents important legal changes and challenges for organizations and consumers alike.

Interactions and relationships between customers and businesses are transforming; the GDPR shifts authority over customer data from the business to the customer. Companies need to obtain prior approval from each customer to access and use their data, and customers choose how it’s used, and which businesses can use it.

To avoid hefty fines, legal consequences, challenges, loss of public trust and brand integrity, businesses need to follow the parameters of the GDPR and ensure the legally use of customer data.

Who Will Be Impacted by the GDPR

Every business inside the EU is going to be affected by the GDPR starting on May 25th, 2018. Companies who contract, partner with, and interact with another EU businesses will also be held accountable to the GDPR.

Brexit occurs on March 29, 2019, whereby the UK is removing themselves from the European Union, and confusion has arisen over how this will impact the U.K.’s treatment of the GDPR. The U.K’s government has stated that the GDPR will be part of UK law after the country exits from the EU, but they are going to make legislative changes to the GDPR guidelines according to their own judgments.

Businesses within the EU who have international partnerships, vending and supplier agreements, and contracts with other companies outside of the EU have to ensure that these third-parties also abide by the GDPR.

The GDPR also includes targeted marketing from US websites to EU data subjects if language and advertising are aimed towards specific EU users, including references to EU customers.

Abiding by Data Privacy Levels

Companies need to establish trust with their customers by using their information legally and as indicated by the customer. Customer data includes demographic information, purchasing information, or sensitive Personally Identifiable Information (PII). Any transactions, like financial exchanges, signing up for an account or services, or website or online interaction also falls under the umbrella of customer data.

Client consent and the framework for handling their data:

Consent needs to be informed, highly specific and given by the customer without coercion.
Needs to be a clear indication of the customer’s explicit agreement of their personal information being processed, used, or stored.
Customer silence, pre-checked boxes, auto-filled data, and inactivity don’t legally count as client consent.

Customer privacy levels that either directly or indirectly identify an individual ranked in consecutive order from general identifiers to most sensitive information:

Level 1: Anonymous customer data that indirectly identifies a customer.
Level 2: Indirect personal data or information that indirectly identifies an individual but does not reveal who the person is direct.
Level 3: Personal direct data, which identifies who the user is.
Level 4: Highly sensitive data, such as Personally Identifiable Information (PII) like credit cards.

GDPR Challenges and How to Overcome Them

One of the most difficult GDPR related challenges is focusing on excellent customer experiences while still respecting potentially limited consent and managing an influx of customer data.

Other GDPR related challenges include:

Enforcing transparency and revealing what your company does with customer data, extending across all data and analytics, and all applications, including data warehouses, data lakes, marketing applications, and businesses intelligence.
Ensuring that customer data isn’t kept any longer than is required for the purpose.
Promptly removing client data upon request, which is specifically challenging for older businesses that have decades of client files and data.
Managing massive quantities of data streams.

Businesses need to take steps to overcome challenges:

Implement external network defenses and restriction measures, such as data minimization that limits customer data collection to what’s necessary for specific purposes.
Apply security to customer data via data encryption.
Apply Pseudonymization, as it replaces identifying data with encrypted data and artificial identifiers, so that customer personal data identifiers aren’t traceable.
Design a data stream map to document all processed customer data and update privacy statements for all data streams, including CRM, HR, digital channels, and marketing tools.
Remove redundant, obsolete, or trivial data to minimize risks associated with retaining unnecessary personal data.
Create a unified data governance framework that aligns objectives with data governance processes, policies, and practices.

Penalties and Fines for Non-Compliance…

Read The Full Article

Leave a Reply Cancel reply

DON'T MISS

Leading with a security-first mentality

Danish DPA set to fine furniture company

Why Few Marketers Are Invited To Join Boards Of Directors

How to Completely DELETE Your Facebook Account in 2020

How Much Data Do We Create Every Day? The Mind-Blowing Stats Everyone Should Read

Blazon Online

Latest News

Email Subscription

We are Blazon.Online a strategic partnership between RMA and 2410365 Ontario, Inc located at 37 Hwy 8, Dundas, Ontario L9H 4V1. We send a weekly update and the occasional email regarding response marketing. You can reach us at dl@blazon.online or 416 524 7844. You can unsubscribe at any time.

Industry Leaders Reflect on 2018, Offer Predictions for 2019

Average Cost of Cyberattack Now Exceeds $1 Million

5 Things for a Marketer to Consider for 2019!

30 Must Read Articles On Brand Management

Your Customers May Be the Weakest Link in Your Data Privacy Defenses