The General Data Protection Regulations (GDPR) is a great opportunity, if you work with it. It is also, however, a threat, if you dare to ignore it. You’ve only got until 25th May 2018 before it is fully applicable in the EU and elsewhere. We are using the popular SOSTAC ® Planning framework to help you to plan and embed your own GDPR. Part 1 explored what it is GDPR and why organisations and customers need it.
In Part 2, we will look at setting a clear GDPR ‘Objective’ and also a crystal clear strategy to help you to embed GDPR. Part 3 will explore Tactics, Action & Control (the final sections of a SOSTAC® Plan.
To be GDPR compliant within 12 months.
This is a major challenge and 12 months is deemed to be unrealistic by many experts. It might take 2 years? Be prepared.
Data Technology means GDPR is required more than ever before
Improve data management & the Customer Experience (CX) simultaneously.
Start managing data much more seriously. Manage data better, quicker, faster and with far better security. Adhere to GDPR Guidelines within 12 months by appointing a data controller, initiate training, testing and reporting using a budget of £xyz. Adding GDPR audits to board agendae.
Build a Data Protection Culture. Cultural change is critical. Attitudes to personal data must change. Personal data is a new currency. Training is not mandatory (well it is! But think of it like ‘Training is an opportunity’). Embracing GDPR requires a cultural change. Michael winner once said that a ‘£60 fine for driving in a bus lane was very good value’ (source: Ruairi Thomas MD, DST Systems). So how do you stop people thinking that GDPR fines might be cheaper than changing the whole culture of the business into a customer centric, customer caring, & data protecting – type of organisation? GDPR is an opportunity.
Become transparent. The whole organisation must become transparent regarding collection and use of data and be accountable.
GDPR has a cost but also brings an opportunity for a better Customer Experience – which, in the long term, means better business.
Part 3 will explore Tactics , Action & Control – the remaining sections of a SOSTAC ® Plan.
|Powers of observation:
Two goldfish in a fishbowl one says “it’s wet in here” the other says “wow, a talking goldfish”.
Are some organisations fully observant as to what is happening with this new GDPR?
If you enjoyed this you might also enjoy:
Part 1 GDPR: Opportunity to Boost CX or a Threat of Closure?
How Trump Won by analysing data to deliver extremely relevant and highly targeted messages that worked.
How To Write The Perfect Plan in 4 minutes using the SOSTAC ® Planning Framework (4 min. video)
Armstrong, Jonathan (2017) Cordery: ‘All you need to know about GDPR but were too afraid to ask’, GDPR Conference Europe, 27 Apr
Cameron, Gareth (2017) ICO: ‘The pathway to implementation’, GDPR Conference Europe, 27 Apr
Kolah, Ardi (2017) Henley Business School: Sizing the risk – carrying out a data protection impact assessment Lite
Miller, Nigel (2017) Fox Williams: Individuals’ Rights Under The GDPR, GDPR Conference Europe, 27 Apr
Smith, PR (2017) SOSTAC® Guide to your perfect digital marketing plan
SOSTAC® Portal for SOSTAC® Certified Planners
Ardi Kolah, Executive Fellow & Programme Co-Director, GDPR Transition Programme, Henley Business school, University of Reading.
Nick James, CEO of Amplified Business Content, hosts of GDPR Europe Conference