Since its adoption in 2016, GDPR has been the topic of many conversations, LinkedIn posts, Google Ads, blog articles and webinars.
Nearly 6 years later, most companies throughout the world have made efforts to achieve an acceptable GDPR compliance. In the EU and around the world, businesses have bravely faced the challenge.
GDPR requires higher data security, and demands that companies appoint a data protection officer and data controllers, and follow the data protection regulations of GDPR. This is not far from the requirements of data integration.
In fact, while looking at how to handle the consequences of the GDPR on your organization, you might find that data integration can help you solve some of the pains and challenges of GDPR.
Personal data protection refers to all the things that can be done to protect your personal information. All your personal data - whether it relates to your private life, your professional life or even your public life.
This could include specific rules, regulations, security measures or even simple practices that have to be followed to ensure the safety of your personal data. As such, GDPR is a measure taken to ensure the protection of personal information about EU citizens.
GDPR has now been applied for years. If you are well-informed about this, jump to the last part of this article.
GDPR, or General Data Protections Regulation is an EU ruling intended to protect the data of citizens within the European Union. It is a law that aims to give citizens more control over their data and to create a uniformity of rules to enforce across Europe.
Although this law comes from the EU, it has a global impact. It affects any business holding personal data on customers, prospects or employees based within the EU. In fact, this could be a huge number of companies throughout the world.
If a business offers goods or services to citizens of the EU, it is subject to the penalties imposed by the GDPR.
Despite its adoption in 2016, the law came into effect on May 25th 2018 and as of that date heavy GDPR fines have applied to any business that does not meet the guidelines set forth.
The data covered by the law is any personal data, i.e. any information related to a person that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, and posts on social networking websites, medical information, or a computer IP address.
It is fair to mention that the EU already had regulations about personal data protection long before this newest data protection law.
How is GDPR different from other data protection regulations?
And, last but certainly not least, GDPR requires that companies can document their processes to make sure they are compliant to these rules. GDPR is and has been a large scale administrative burden for many companies.
GDPR has had an impact on companies as well as on public authorities, or other supervisory authorities to ensure that law’s enforcement. One can wonder about the benefits of this massive effort conducted in 2018.
GDPR has not been without its share of challenges for companies having to reorganize themselves and the way they operate towards clients and potential clients.
GDPR compliance has a cost - if only to ensure the compliance of processes and procedures. SMaller companies might have been able to handle this themselves, internally. Larger companies had to pay up to tens of thousands of Euros to become compliant.
GDPR penalties have been set to be discouraging. 2% of Global Turnover can be a very high price to pay for any corporation. Amazon received a $877 million GDPR fine. What's App’s fine was $255 million, while Google and H&M had to pay $56.6 million and $41 million respectively.
Besides, the large amounts of the fine, it is not very favourable for any company to be flagged with a reputation of not following data protection regulations.
GDPR has also had a wealth of positive side effects such as improved cyber security and brand safety (as the risk of data breach is removed). Noticeably, GDPR has also allowed people to be able to surf websites hours at a time without the risk of being overwhelmed with ads from other unknown “related” organizations.
But more than anything else, GDPR has had the huge benefit of putting data protection on the agenda of organization leaders - small and large. And, with the appointment of a data protection officer (DPO) in each company, it has made sure that this focus will remain.
The GDPR law, and in particular the last part about consent, data portability and the documentation of it all certainly puts a lot of pressure on businesses to have 100% control of their data. Basically, since May 25th 2018, you need to:
This is no impossible task to perform if you are working with low data volume all stored and transformed in one and the same system. Often, companies have to deal with a much greater level of complexity.
Your company might sell its products or services via a website. You might use a best of breed CRM system to handle your sales and marketing efforts. And your operations are probably supported by an ERP system.
If these systems are not properly integrated, if you rely on manual transfer of data from one system to the other, then how and where do you keep track of your contacts’ data?
How can you, in a fast and easy way, be able to extract all of a person’s data upon request? How are you sure that the data you extract from one of your systems is all you have about a contact?
Besides, extracting from all systems could be a messy and time consuming process… for the least difficult to document as required by GDPR. This is where data integration comes handy.
By having all data about your contacts 100% in sync in all your systems, you are able not only to get rid of outdated, incorrect information, you can also easily ensure that all contact data is stored in one place, ready to be accessed, delivered or erased. Data integration automates this process so that it is done more effectively and can be documented easily.
Data integration is not as difficult or expensive as it once was. For example, RapidiOnline offers out-of-the-box pre-configured data integration solutions that allow you to get started with your data integration project super-fast.
Because RapidiOnline is pre-configured, you spend less time on logistics and implementation – which is more efficient and cost-effective. The pre-built integration solution contains the most common integration points, and if this is not enough, it is very easy to create additional transfers or customizations. A clever and cost-effective way to solve some of your GDPR challenges.
Henning Lund
Your business is 10 steps away from perfectly integrated data systems. Learn about key preparation, best practise and more in our data integration handbook.
