When you mention the term GDPR, you immediately think of legal challenges and therefore that the ball is in the court of your company’s Data Protection Officer (DPO)? Black Tiger Belgium takes a much broader view: GDPR is a legislation that can only be complied with if it is technologically embedded and applied in real time. A competence of the CIO and CDO, therefore.
Technology at the heart of a good GDPR policy
GDPR or General Data Protection Regulation compliance is so much more than a legal matter. Everything starts with the rigorous application of the ‘data protection first’ principle when developing any data management tool or setting up any process where personal data is used. Where does the data come from? What exactly happens to it? How are different sources of data from the same individual merged, or not? Which communication was sent out based on this data? And on which basis?
“When we get a request from a data subject, I have a problem. I start the long and difficult search for all the individual’s data in all our systems: our webshop data, our customer card data, our customer service data, … I have to be sure that all the data relates to the right person and I have to give the requester his or her answer within the legal deadline. A challenge, every time.”
Does this sound familiar? If so, your company does not yet have the right technology…
Technology that allows you to efficiently and objectively manage data processes is the indispensable core of a good GDPR policy. And this goes far beyond buying a tool that helps you track data subject rights. All processes involving individuals’ data should be built, maintained and adapted with a ‘privacy by design’ and ‘privacy by default’ approach. According to Black Tiger Belgium, no company should ever be at risk of non-compliance again. That is why the 99 rules of the GDPR – around data subject rights, accountability, traceability, register of processing activities, retention period, data security, etc. – are fully integrated into the Master Data Platform. Users of the software can easily obtain an up-to-date, complete and qualitative picture of all data available in the company on each individual at any time. A unique GDPR score also allows real-time management of the risk of exploitation of personal data.
Interaction between technology, organisation and policy
However, adapted technology alone is not enough. GDPR and data compliance also require a new kind of organisation and responsibilities. Data Stewards, for example, who watch over data quality, are given a crucial role. Indeed, the accuracy of processed data is a key issue for the legislator. As a data controller, you are responsible for regularly auditing, correcting and updating personal data, as well as deleting erroneous or incomplete data. (The Master Data Platform also pays particular attention to this Data Governance aspect, by the way, based on more than 30 years of business expertise in data quality).
On top of the technological and organisational aspects of GDPR, a clear adoption policy should also be rolled out, encouraging a ‘privacy-first’ way of thinking in all parts of the company.
A company’s GDPR policy thus also becomes an important external asset. Data protection, ethics and respect for the individual are increasingly inscribed in the DNA of brands and represent a strong competitive advantage.
Discover now the RGPD module of Black Tiger Belgium’s Master Data Platform.
Is data quality your priority? Discover the Master Data Platform’s data quality module.
Recent Comments