The General Data Protection Regulation (GDPR) is coming. While many countries have long had data protection regulations in force, this is the first time that there has been a comprehensive set of standards for personally identifiable information. And it doesn’t just apply to EU businesses either, but to any organisation based in the EU or doing business with EU customers. So, when the GDPR comes into force on 25 May 2018, could your business do better with a Single Customer View-based CRM system in place?
What implications does the GDPR have?
Perhaps the most significant point to note for any business is the financial implications of the new regulations. The penalties for non-compliance with the GDPR are now very significant indeed. Certain offences carry fines of up to EUR20 million or 4% of annual turnover. In days gone by many businesses would have paid little attention to data protection and simply taken the hit on fines should they be incurred. Now, however, the fines are far greater and could seriously impact on business operations. A recent survey by the Information Commissioners Office found that most businesses are very underprepared for the GDPR. So, how could a SCV-based CRM system help you to get on top of these new obligations?
A Single Customer View-based CRM and the GDPR
There are a number of key ways in which the new GDPR will increase standards of care when it comes to personal data – and where an efficient SCV-based CRM might be able to make a difference.
Recording consent choices – being able to show consent and staying on top of how those who have provided you with their data want to be contacted could be key in helping businesses to comply with obligations under the GDPR.
Withdrawing consent – it’s crucial to action a withdrawal of consent quickly to remain compliant with the GDPR and that’s where a strong CRM using a Single Customer View is incredibly useful, making it quick and easy to update preferences and to ensure that where consent is withdrawn this is swiftly actioned.
Assigning responsibility – a SCV-based CRM enables responsibility to be transparently assigned throughout the handling of data within the business. This creates a trail of traceable actions, from start to finish. This will assist with compliance with provisions such as Article 30, which requires controllers and processors to, “maintain a record of processing activities under its responsibility.”
Key GDPR questions
Consent is one of the biggest issues under the GDPR and it’s not as simple as just establishing that consent has been given. Organisations need to be able to ask and answer the following questions:
- Does your business have explicit consent records?
- What is being consented to and when was the consent given?
- What context does the consent have?
- If you needed to find the consent record right now, could you?
- Do you have a record of withdrawn consent?
- Do you have the capability to allow for granular consent withdrawal or only a blanket option?
If you struggle with any aspect of the GDPR, a SCV-based CRM could provide a workable structure for compliance – as well as greater overall efficiency. If you’d like more information on how a SCV-based CRM might work for you, get in touch with MarketDeveloper today on +44 1784 432 082.