CRM has focused on User Adoption and Business Alignment, however technology is rewriting the rules.
This brings new opportunities but also new responsibilities for conduct in the Data Economy – notably the introduction of GDPR.
Paul will illustrate why the ethos behind GDPR will sit at the heart of the new relationship we will have with the customer, and how to realise the opportunity in having a customer-centric approach to our business.
4. • High Profile failures where organisations have given little
consideration to their Customers Data
• Data Breaches have been ignored
• More important for a company to protect it’s reputation than it’s
customers
• Problems
• Ignores growing concern with the Tech industry
• Playing fast and loose with customer data is going to be worse for
reputation!
Why is GDPR here?
5. • What's changed? The value of data.
• Big Data, Machine Learning, and in the future AI are making data
more powerful.
• Public Perception of the value of data is rising
• But perception of data misuse and lack of trust is also rising
• Companies need Data Policies that provide Customers with
guarantees, and not an ‘anything goes’ mentality
• This does not have to be difficult!
Why is GDPR here?
6. “This is not the end. What you may see is the company
(Facebook) putting in place a set of policies to return confidence
to their handling of data and distance itself from certain third
parties. I think this is the end of the ‘We are just a
platform’ argument. It is increasingly clear now that the company
needs to take more responsibility for how it is used.”
Ed Macnair, CEO of security firm CensorNet on FaceBook
Why is GDPR here?
7. • GDPR Compliance – is about security but is not inherently system led
• True Compliance is about changing our mindset on data
• Put Customers and other contacts at the heart of how we do business
• Data Transparency Customer Centric
• Being Customer Centric Business is as much as an Opportunity, as
being Compliant is a Responsibility.
What do we do..
8. • At heart, the concept behind GDPR boils down to one simple rule
Our Customers own their data, not the companies who happen to
be holding it.
• This gives Customer’s additional rights in the digital age:
• Right to Access
• Right to be Forgotten
• Right to expect data to be stored securely
• Right to Portability
• In some ways, this is not a vast change from the previous DPA but the underlying
principle of Data Ownership has changed.
What does GDPR mean for us..
9. • CRM is all about User Adoption
• Getting your users to work in ways that benefit the organisation and
efficiency of the business
• This typically takes the right platforms or tools
• The same applies to GDPR
• Implementing processes that are easy to adopt and so easy for your
teams to make the business compliant with GDPR
• People will make a business compliant, not systems
How does this intersect with CRM
10. • Unstructured data - organisations store documents, spreadsheets
and other unstructured information that is difficult to audit.
• Email – sending out data over email can be a data breach.
• Lack of Documentation – having a clear structure of how we store
data.
• No Data Access Rights – hierarchy of needs for data.
• Roles and Responsibility – having clear roles internal and 3rd party
for who manages data at your organisation.
Risks of GDPR
12. • Awareness of the data you store and where it is!
• Your Data Real Estate should be well managed storage
• Organised and not a ‘blob’(no more network drive?)
• Able to evidence trust that you are storing data securely.
• Cloud Services, Hosting + Business Analysis
Security
13. • Have the right tools so your staff can implement your processes
• Ease of use to build a compliance culture in the business
• Not a headache or an extra burden
• Empowers your staff rather than sap their time by making compliance
a hurdle.
Tools
14. • Ensure you have the right people for advice
• Be able to deliver innovation in your business to meet the changing
demands of the data economy
• Either internally
• Or externally by using a trusted technology partner
• Ensure you have a partner and not just tech support
Knowledge
15. • GDPR can be easy, it’s not the ‘big bad’
• But it is a cultural change
• And it will only get more important with time..
•Q & A
In Closing
CRM has focused on User Adoption and Business Alignment, however technology is rewriting the rules.
This brings new opportunities but also new responsibilities for conduct in the Data Economy – notably the introduction of GDPR.
Paul will illustrate why the ethos behind GDPR will sit at the heart of the new relationship we will have with the customer, and how to realise the opportunity in having a customer-centric approach to our business.
Uber - http://www.bbc.co.uk/news/technology-42075306
Playstation 2011 - https://www.theregister.co.uk/2011/06/08/password_re_use_survey/
Playstation 2014 - https://www.telegraph.co.uk/technology/sony/11274727/Sony-saved-thousands-of-passwords-in-a-folder-named-Password.html
http://www.bbc.co.uk/news/technology-43241939
https://www.theguardian.com/business/2017/mar/20/three-mobile-possible-data-breach-data-usage-call-history
Don’t think of GDPR as simply a new regulation or awkward rules to follow – but as a change in the direction of travel to both prevent abuses, and to start putting customer data at the heart of what we do.
No security is perfect, and there will be both deliberate hacks and accidental data breaches
However how we manage these incidents, and the level of respect we show to our customers is key
This is the rationale behind GDPR replacing the Data Protection Act, and the steps taken to ensure that organisations are providing a stable and secure environment for their EU Customers and Employees.
Data Policy will then become the same as having an Accountancy Policy, Legal Policy – an inherent part of operating a business entity.
Quote on Crisis Management – how Facebook should look at this is in keeping with how GDPR asks companies to look into data breaches.
Many businesses will have superior data systems but still not be compliant as they don’t use these systems in a compliant way.
At the heart of GDPR is the need for organisations to understand where personal data is stored and apply appropriate controls to secure this information from unauthorized access or malicious activity.
There are a wealth of good articles online that summarise the core pillars of GDPR: http://www.crmcs.co.uk/content/gdpr-and-crm.aspx
What is the highest risk of Data Breach?
It’s not hackers – it’s the holy grail of Email + Spreadsheet attachment.
Why? Because Email is easy to use, and everyone gets it – GDPR compliance should be the same.
Ensure the right baseline is in place so the technology platform is right.
Use that technology baseline effectively, and setup in a way that your teams and users can use effectively.
Store your data effectively in a way that you can respond to Customer Queries efficiently – this is typically using a CRM or Marketing Solution that can prove you are a trusted partner with your customer to hold their data.
Dynamics helps you do this for Structured Record-based data.
SharePoint helps you do this for Unstructured Documents, Images and Email Attachments.
Apps such as DocMan can bind bigger tools together into one solution for your teams to use for GDPR – alongside adding specific functionality to help handle Data Access Requests, and sharing Personal Data with the Data Subject via a Portal or Online interaction.
Understand GDPR and the requirements behind the core principles.
Consent
Right to Access + Right to be Forgotten + Data Portability
Breach Notification
Tech Support will keep the lights on, but is effectively Business as Usual.
The Partner will help you manage your responsibility and outsource some of the burdens to ensure you have the right security and right tools.
A true partner is the difference between a book-keeper and an accountant.
Tech Support will keep the lights on, but is effectively Business as Usual.
The Partner will help you manage your responsibility and outsource some of the burdens to ensure you have the right security and right tools.
Paul McQuillan is an experienced Solution Architect having worked in CRM for the last 15 years, and was the original ‘hybrid’ consultant focusing on both the technical, project management and business analysis sides of implementing and architecting CRM Solutions.
Now running his own consultancy practise and working closely with clients over a long term view, this gives a new perspective on the impacts and change potential of technology in a business – and the steps needed how to build a ‘can do’ culture by having the right technology foundation and tools.