As we approach the date of its official enactment, on May 2018, the attention towards the new data privacy regulation grows manifestly. However, to a significant number of organizations, the General Data Protection Regulation (GDPR) is still perceived as an inconvenience which resonates in hard work, time consumption and resources for the sole purpose of limiting the risk of a fine.
But the new regulation represents an important step forward for business development and commercial cooperation. While most people tend to forget the purpose with which the GDPR was originally designed, we strongly believe that it should be much more than a bureaucratic exercise.
The historic legacy
Let’s go back to one of the most important basis of this new regulation: the OECD Guidelines on the Protection of Privacy and Trans-border Flows of Personal Data (1980, revised 2013). Through its different versions, we can find several mentions to economic growth as the original drive to create a consistent, international data policy:
- “To advance the free flow of information between Member countries and to avoid the creation of unjustified obstacles to the development of economic and social relations among Member countries” (1980)
- “Member countries have a common interest in promoting and protecting the fundamental values of privacy, individual liberties and the global free flow of information” (2013)
- “A Member country should refrain from restricting trans-border flows or personal data between itself and another country where (a) the other country substantially observes these Guidelines or (b) sufficient safeguards exist” (2013)
In its chapter three, the OECD drew a definite line of intention for the future GDPR, highlighting the “Free Flow and Legitimate Restrictions” as basic principles of international application. And this focus in innovation and development was kept through the new European regulation.
The 5 drivers for economic growth
As a strong believer of its potentials to create new business opportunities, I have selected five major innovation drivers that transpires the new personal data regulation.
1. More business opportunities
The “free flow” principle stimulates direct cross-border business opportunities. With a common regulation applied to all companies operating in Europe, local governments won’t be able to create new restrictions to the circulation of products and services.
In other words, geographic borders will no longer block business and commercial relations within Europe and although competition might be higher it will also be fairer.
2. Higher reputation and trust levels
The new legal framework will increase customers’ awareness and demand on personal rights and privacy expectations. Respecting data protection regulation will bring positive results in terms of reputation and trust levels. And, with the current power of social media and the focus of the media on GDPR topics you can take advantage of being compliant for communication/marketing purposes.
3. Better customer service
With the responsibility to locate, anonymize and report personal data, companies will be compelled to consolidate customers’ information into unified and systemized platforms. Also, the portability of data allows any customer to freely deliver information about him to any organization.
This will give businesses a unique opportunity to collect 360º views, which together with optimized marketing strategies will create better user experiences and improved services which will ultimately reinforce customers’ loyalty and retention.
4. Reduced compliance costs
The standardization of rules for the use of personal data across entire Europe will mean more transparency and less bureaucracy. Even though the road to compliance can be costly, once full compliance is achieved the positive impacts on cost saving will be immediate. In the pre-GDPR period all the regulatory differences by country or region were required to be taken into account.
With GDPR reforms, companies will all comply with the same regulation, and global compliance will be easier to achieve. Under the rule of “one continent, one law”, companies which operate in international markets will no longer need the support of local lawyers every time they wish to enter a new market or to launch a new product globally.
5. Safer business
By defining mandatory privacy risk impact assessments, the GDPR puts forward a risk-based approach for any business dealing with personal data. This will mean that organizations which align their product or service development with the privacy protection guidelines will have a higher level of security, which will not only benefit their customers but also leads to long term business benefits.
I strongly believe that a successful GDPR journey is much more than just a rule driven conformity. While working with our clients towards compliance, we focus on a “designed for growth” approach that will replace inefficient bureaucratic processes by effective future-proof data management strategies.
By implementing new marketing capabilities and redefining organizational structures and workflows, we ensure the GDPR will be a truly competitive advantage to our clients, driving long-term sustainable growth.