Skip to main content

GDPR surgery – prevention is better than cure

(Image credit: IT Pro Portal)

As the saying goes, prevention is better than cure. And this couldn’t be truer than when it comes to data compliance. Get the processes right in the first instant and a business doesn’t need to worry about potential fines, but not adhering to the regulations and you could land your business in hot water.

GDPR is now several months underway and the legislation has put a spotlight on the importance of data. The aim of it is to give individuals back control of their data in how organisations handle it. As such, we are starting to see the long-term impact for businesses that are looking to cure their data woes, rather than prevent them.

A few months ago the Information Commissioner’s Office issued Facebook with the maximum fine of £500,000 for failing to protect users’ personal information. Interestingly, although there have been some major data breaches since GDPR came into force, for instance Facebook, Marriott and British Airways, no major fines have been imposed. Many experts, like Mozilla’s Head of EU Public Policy, Raegan MacDonald claim, “I suspect that if 2018 is the year of implementation, 2019 will be the year of enforcement”.

And when setting out a tech-first vision for the NHS the UK health minister stated “it is essential that the public has trust and confidence in us and can see robust data governance”. It is clear that data quality, visibility and clarity are all concerns when it comes to regulatory compliance.

So how can you be sure that your data is in the best possible health in order to help you deliver on your GDPR policy?

Run a health check 

As a first step, before any treatment can be administered, a health check of your data should be a priority. Much like going to your GP for a general health MOT, you should regularly run diagnostics on your systems. This will pick up any anomalies and allow you to plan the best course of action. After all, you wouldn’t take medicine before knowing what is wrong would you?

For example, you need to be extremely thorough and ensure that all of your data is relevant and up to date. Might you be hoarding information that hasn’t been used for years? If so, consider why and whether you need to keep it at all. 

There are now a wealth of data quality tools available to help find any issues, crucially, before they disrupt your business. These can reduce the time and cost required to curate databases of the highest standard that are consistent and accurate, as well as continuously monitoring for errors and allow businesses to repair them – much like being hooked up to a monitoring machine. You’ll be sure that your data is in the safest of hands.

As well as ensuring that data is in the best shape to help comply with regulation, having accurate and competitive real-time insights at your disposal can give you that upper hand on competitors, as business decisions can’t be made today by using yesterday’s information.

Begin treatment

So, you have found the cause if your data ills; the next step is to ensure your team of experts have the right tools and training at their fingertips to begin treating the issues found during your diagnosis.

To do this, your teams need to have continuous visibility into data quality. This will allow them to act quickly and efficiently in order to minimise business disruptions and worse, falling foul of regulation. An effective and fit-for-purpose data management system will allow for an overview of this and enable staff to drill down into the data for an even more detailed look at the standards of its quality and, most importantly, where the treatment needs to be administered.

Technology may be able to do much of the heavy lifting, but the importance of continuous training and education shouldn’t be underestimated. Data is often solely in the remit of the CDO or CFO, however, the reality is that all members of staff will be using data in one way or another, every single day. Poor data quality can have a huge impact on a business and can leave staff irritated and unproductive. To ensure that any issues can be dealt with quickly and efficiently, all employees need to be well versed in best practice.

Like a hospital employs a head of A&E or Radiology to oversee their respective department, businesses can reinforce the need for every staff member to be mindful of the data that is in their charge. This is where a ‘data advocate’ within each team will be beneficial. This should be someone who has full oversight of working practices, both into what’s working and what is not. And, most importantly, is able to influence the approach each team has to their data handling.

Repeat prescription

Achieving GDPR compliance isn’t a box-ticking exercise. It requires a focused understanding of where customer data sits and what it contains throughout an organisation’s information system. Data management services can act as the repeat prescription to this. They can be customised to suit specific business needs, monitoring only what is relevant. Not only this, they can minimise the manual intervention of staff, reducing the risk of human error.

Keeping your data in best possible condition shouldn’t be a long, drawn-out process and a long-term information governance strategy will support a business’s GDPR strategy. Defining rules and threshold standards for your data means that it can be continuously monitored. Should they fall below required levels, you can be notified and can set teams to fixing errors before they become a larger problem.

The potential for GDPR to improve businesses relationships with consumers is enormous. Those who get GDPR right and use it to their advance improving communication and trust with clients will reap the rewards. But in order to do, businesses must be diligent and repeat these steps regularly to ensure your data is in the best possible shape to help you deliver on your GDPR compliance and keep your databases out of A&E.

Frank Schuler, VP SAP Technical Architecture, BackOffice Associates
Image Credit: IT Pro Portal