The age of businesses collecting, using and storing personal data any way they choose is over and the massive impact of consumers and companies flexing their newfound data privacy muscles takes GDPR to the top of a CIO’s priority list.
Stuart Pearce, Managing Director of data specialist TD Global, urges business leaders to take GDPR as seriously as they must take the Protection of Personal Information Act (POPIA). “The minutiae of GDPR mean that even collecting data about or dealing with a person of European nationality falls under the new regulations. It extends to dealing with customers from the EU online, or even paying an EU citizen to undertake work for you,” he says.
“To mitigate the huge fines and reputational damage your company could suffer due to negligence or ignorance of the law, TD Global advises that organisations incorporate all data privacy rules and regulations when taking legacy data through the data hygiene process, or during routine maintenance and updating of current data.”
Pearce highlights the importance of ensuring your data is current, saying: “Not only do you need updated data to comply with global regulations, but good business decisions cannot be made from outdated data.
”It makes sense that current, clean data provides value for your business. It’s not about how much data you’re able to garner from various initiatives, but how accurate that data is that proves truly valuable.”
Make data integrity a priority
Data integrity is about ensuring the data you are using is accurate and trustworthy over its entire life cycle, not just in the short-term. TD Global suggests following this brief checklist to moderate any issues that may crop up:
- Data must be recorded permanently in a format that is easily and universally understood, with original entries preserved.
- It must be recorded when it was observed, and at the time it was executed.
- Source data – the initial place it came from – must be accessible and preserved in its original form.
- Data must be accurate, meaning free from errors and in compliance with protocol and regulation.
- Who observed and recorded the data, who it is about and when it was observed and recorded must be noted.
“Without a good understanding of the current codes on data privacy that apply to your organisation and all the clients it services, you could be setting your business up for failure,” Pearce says. “Ignorance of the law is no defence, and human error will still incur punishment, so it is imperative that anyone who has anything to do with data in your company understands the importance of privacy regulations.
Wherever you are on your data journey, Pearce suggests you partner with professionals who can ensure your hard work – and potential profits – is not let down by any misinterpretation of regulations.