Companies can turn GDPR compliance into competitive advantage
GDPR comes into force on May 25th and will have an effect on all companies that collect user data even if they are outside the EU.
Independent identity research and strategy company One World Identity has produced a report that aims to serve as a definitive primer on what companies need to do to comply, and help them turn that compliance into a competitive edge.
"Even if a company is not currently governed by GDPR, raising the bar for accuracy in line with the regulation’s principles could have a tangible impact on their bottom line," says Kaelyn Lowmaster, Principal Analyst at OWI. "Many organizations have adopted a 'shoot first, ask questions later' approach: collecting high volumes of data under ambiguous terms of service, then looking for ways to leverage it to improve their businesses afterward. Under GDPR, this approach is no longer legal. No matter how advanced your company's tech, you can't rely on algorithms alone to evaluate your customers without giving them more information."
The report covers what GDPR says and further clarification on its practical implications, highlights questions companies should consider as they adapt to consumer-centered data processing standards, and puts forward seven steps companies can put in place now, whether or not they are facing an immediate compliance mandate from GDPR. It also highlights the things companies should be watching for in the near-term.
GDPR focuses on identity and the information that companies collect from their customers, the organizations with which those identities are shared, and the decisions that are made based on processing identity attributes. However the report points out that companies won't truly understand their scope until the first rounds of sanctions for non-compliance are levied. GDPR will raise the bar for data protection worldwide, even where the regulation doesn’t actively apply.
The full report is available to purchase from the OWI website.