“Compliance Watch” brought to you by GDPR365
Why is compliance with privacy laws good for your business?
As a business, one looks at all the privacy laws being promulgated around the world and wonders: how and why am I going to comply with these, and what is my benefit?
In reality, it requires you to look at data privacy and privacy management with a new eye.
The data and personal information your business holds about its customers or clients is a precious resource. It belongs to those clients and should not be taken for granted; they can remove the permission for you to use it at any time. This means that you are a custodian of their information and should manage it extremely carefully.
But if you do manage personal information in compliance with privacy laws, there are many benefits. I’d like to outline a few.
The first and most obvious is that if you clearly state what you will do with the information gathered (via your privacy notice), your customers will understand exactly how you use their data, and you will build a trust relationship in terms of data custodianship. In this era of fake news, data breaches, cybercrime and vulnerabilities, more and more companies and individuals will tend to do business with companies that are trustworthy and manage personal data properly.
A second benefit applies to businesses that deal with larger companies, organisations and government. It is more and more likely that these will require a company to comply with privacy laws before they will even do business with it, so being compliant will enable your company to do this kind of business. The reason is that where personal information is transferred between organisations in order to sub-contract, a lot of privacy law makes the responsibility for data breaches joint and several. This means that both organisations are fully and equally responsible for any liability or breach arising. Would you subcontract the processing of personal data to a company which is not compliant under these circumstances?
An example would be a cloud-based CRM provider with worldwide clients who use the CRM service to communicate with European customers. Should the cloud-based CRM service provider suffer a data breach in which European people’s data is compromised, both the CRM provider and the company using its service will be jointly legally liable and potentially fined under the GDPR (General Data Protection Regulation).
The key is to be compliant: ensure you have an agreement with your service providers in which they confirm their compliance, and you will be safe from their breaches.
Privacy laws also cover the personal information of employees, so a third benefit is that your employees will feel more comfortable in an organisation which takes care of their personal data and ensures confidentiality where required. The physical and mental health status of employees is often disclosed to HR departments, and the misuse and irresponsible dissemination of this information can cause extreme harm to an individual. Your organisation needs to ensure that the controls, procedures and policies are in place so that this cannot happen.
If one takes all of the above into account, creates an environment of trust for both clients and employees, and ensures that sub-contractors are properly controlled, it is obvious that a fourth benefit is a more competitive, robust business going forwards.
Founder & CEO
Email: firstname.lastname@example.org Website: www.gdpr365.com
Mobile: SA: +27(0)82 569 9268
Address: GDPR365, Lepelstraat 14 1080XM, Amsterdam, Netherlands
September 8th, 2014