• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

GDPR readiness can yield business benefits beyond compliance

May 24, 2018 by Hariom Singh

Letter dice in front of a keyboard - GDPR

Copyright: zerbor / 123RF Stock Photo

Most of the discussions about the EU’s General Data Protection Regulation (GDPR) have naturally focused on best practices for achieving compliance and avoiding penalties. As GDPR compliance becomes a reality this month for all companies that do business with EU residents, an often overlooked aspect has been the overall business advantage of GDPR preparedness.

Because GDPR forces organizations to gain complete visibility and control over EU residents’ personal data, it requires a major revamping of their data governance and data management, as well as changes in processes and technology.

These enhancements for data privacy and security, in turn, can give organizations a competitive edge by also sharpening business areas such as:

  • Operational efficiency and agility
  • Data analysis
  • IT modernization
  • Internal corporate collaboration
  • Supply chain quality and risk management
  • Customer trust
  • Sales and marketing precision and efficacy

Data and analytics leaders should increase awareness of how better business outcomes can arise from changing how their organization handles personal data, according to Lydia Clougherty Jones, research director at Gartner.

“A panicked response to GDPR, which focuses almost exclusively on data protection and security requirements, distorts an organization’s data and analytics program and strategy,” she said. “Don’t lose sight of the fact that implementing GDPR consent requirements is an opportunity for an organization to acquire flexible rights to use and share data while maximizing business value.”

Meanwhile, Forrester analyst Enza Iannopollo said that, as part of their GDPR preparation process, a number of organizations have reported achieving benefits that go beyond meeting compliance requirements.

“These benefits are improved customer experience, or improvements in their data strategies, as well as a number of improvements in the management of security and privacy policies,” she told Capgemini Group recently.

Some companies she’s working with are extending the scope of their GDPR program and turning it into a broader privacy program.

“We’re not talking about compliance here. We’re talking about business strategies that leverage privacy to deliver growth and also differentiation in the marketplace,” Iannopollo said.

GDPR Business Benefits

Here are several concrete scenarios where GDPR readiness will yield broad business benefits.

  • Gain control and visibility over your customers’ data:

Once this is accomplished and business units have a firm grip on this data, the organization will gain significant operational efficiency and agility. Business decisions will be based on superior analysis of comprehensive, up-to-date data, not on partial assessments of fragmented, outdated and low-quality information. Internal collaboration will get a boost once business units are able to quickly share fresh, accurate data with each other, sharpening, for example, sales strategies and marketing campaigns.

  • Improve your network of vendors, partners, supplies and contractors:

As organizations stringently assess the GDPR awareness and compliance of third parties, they’ll dismiss weak ones, re-negotiate contracts and strengthen ties with others, enhancing the quality of their supply chain network by making it safer and more efficient.

  • Bake privacy into all your processes and technologies:

To comply with GDPR, organizations need to embrace the concept of privacy by design. This means that when designing a new system, or service that processes personal data, they must make sure that data protection considerations are taken into account early on and throughout the process.

  • Get the attention of upper management and the board for IT improvements

GDPR introduces Data Protection Impact Assessments (DPIA) to identify high risks to the privacy rights of individuals when processing their personal data, and forces organizations to devote considerable efforts, know-how and technology to the protection of this data.

This mandate makes data privacy and security a boardroom-level issue, and puts it in front of top management. IT and InfoSec teams will have an easier time making a case for modernizing and upgrading the IT infrastructure with more efficient and effective wares, such as cloud-based security and compliance solutions.

In short, the work your organization puts into preparing for GDPR can also have substantial business benefits that extend beyond the realm of compliance, and trigger improvements in a wide variety of the organization’s business functions.

Filed Under: Guest Posts, Business Continuity Management

About Hariom Singh

Hariom Singh, CISSP, is the Director of Policy Compliance at Qualys. With over 16 years of experience in cyber security and IT GRC. As Qualys' director of policy compliance, he helps shape compliance solution products and also works with clients to help them secure their cyber infrastructure and exceed their IT-GRC goals. Prior to Qualys, he worked as the technical lead for Creative Breakthroughs, a technical consultancy, and as senior consultant for Symantec, building his vast experience designing and building effective security and compliance programs for large enterprises in the healthcare, energy, financial and telecommunications industries.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Bryghtpath LLC
    Bryghtpath LLC: Bryghtpath CEO @bryanstrawser presented last week at the @Secure360 Conference on "Navigating the Ransomware Challe… https://t.co/iXa3JeRKNN
    about 1 day ago

  2. Scott Sutherland
    Scott Sutherland: For those who missed it, here's a video of the "Building Ransomware Detections" presentation I gave @Secure360 last… https://t.co/DkjNZnCfRw
    about 1 day ago

  3. 🟣Tyler Cohen Wood
    🟣Tyler Cohen Wood: @HaroldSinnott @Secure360 Thank you, @HaroldSinnott!
    about 2 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.