General Data Protection Regulation

GDPR: Comply while staying Competitive

New regulations come into force on 25th May 2018. Use the time wisely to protect your competitive edge.

Prepare for GDPR whilst safeguarding your competitiveness

“Don't sacrifice the permanent on the altar of the immediate” are wise words that should be kept in mind whenever an organisation is confronted with new regulations.

GDPR comes into force on 25th May 2018, harmonising data protection across the EU and guaranteeing individuals new rights, including the “right to be forgotten”. The UK has committed to apply GDPR, whatever the outcome of Brexit negotiations. Failure to comply could mean fines of up to €20m or 4% of global annual turnover (whichever is greater) per incident.

On the other hand, compliance will be a hollow victory if it costs you your competitive edge.

GDPR is not merely an IT or compliance exercise – it is a business issue.

That’s why analytics must be part of the equation.

You don’t need to panic yet but you do need to get started.

Find out why

Analytics needs a place at the discussion table

Analytics systems contain the most comprehensive views of customers, employees and other data. They often generate personal data that is derived or inferred through algorithms and are often difficult to audit.

Consequently, there must be a multilateral discussion on GDPR and business analytics. It must involve:

Any function that has a stake in business analytics (marketing, customer retention, KYC, fraud management etc.)
Compliance and audit teams
Corporate IT
Senior management

Only by involving all stakeholders in the discussion will you find solutions that allow you to comply without stifling your competitiveness.

They will need to examine your data strategy and data governance. Find out more

Take the GDPR opportunity to review and improve your business analytics infrastructure. By engaging all stakeholders in a timely manner, you can:

Identify processes that need to be streamlined, improved or introduced
Protect your holistic view of customers and your advantage over competitors
Build customer trust
Sustain and enhance your ability to reach customers with tailored marketing
Manage risk and fraud more effectively
Plan your business operations with greater confidence in the post-GDPR world
Enable senior management to take decisions with greater confidence

You can only grasp these opportunities if you put customers at the centre of your strategy, involve all key decision-makers in your organisation and embrace innovation.

SAS Roadmap to GDPR

How to achieve the perfect balance between GDPR compliance and analytics that give you a competitive edge.

Download the guide here

Get up to speed on GDPR in 15 minutes

Here are a range of short, informative materials to support you in the early stages of your planning:

Ready to discuss GDPR? We are here to help

Register your details for an initial discussion, and when appropriate we offer a GDPR workshop, where we’ll scope out how our methodology can be applied to your business and your individual challenges – agreeing key milestones, priorities and timeframes.

Contact us

Why SAS for GDPR compliance

You can’t protect your organisation’s sensitive data if you’re not sure exactly what or where it is. We provide software and services for all phases of the data protection life-cycle.

Access

We start by securing your access to:

Your data sources for personal data
Workflows, policies and processes relating to personal data
Audit, monitor and risk reports on personal data

Identify

We use our tools and capabilities to:

Find out and catalogue personal data
Analyse personal data attributes, patterns and contextual information to assess the need for re-identification
Analyse personal data for risk assessment

Govern

We work with you to:

Define and align personal data terms across IT and other lines of business
Create data flows that link systems and business owners
Ensure personal data is accurate, complete and consistent
Provide transparency, governance and an audit trail of the analytics processes

Protect

To ensure data protection, we:

Implement standard safeguards
Apply privacy-specific measures (e.g. anonymisation and encryption)
Minimise data to the purpose for which it is being collected

Audit

To audit your data strategy, we:

Log and monitor usage of personal data
Audit usage of personal data to demonstrate compliance and privacy controls
Run and analyse reports to prove that data is not at risk

How to comply with GDPR
This report will show you how to remain compliant, protect and safeguard all you customers Personal Identifiable Information.

View the report

Our solution to GDPR
The General Data Protection Regulation: What It Means and How SAS® Data Management Can Help.

The key actors in GDPR - and how it will affect them

How does GDPR affect the CEOs, CFOs & CIOs?

The risk to some large corporate organisations is huge. The fines could cripple a business with share price, reputation and dividend payouts being negatively affected.

On the plus side, successful compliance will bring business opportunities. Executive leadership therefore needs to make GDPR a cross-functional task, prioritising customer engagement as well as risk.

How does GDPR affect the Chief Data Officer?

Chief Data Officers need to establish robust operating models for data governance. They need to put reporting structures in place to manage and measure their GDPR compliance.

The CDO role is not just about IT. It is much more tightly linked to the needs of the business, and in most organisations, marketing / customer engagement in particular. The CDO is increasingly positioned as a role that can help the business use data more effectively through analytics.

How does GDPR affect the Data Protection Officer?

If your company has more than 250 employees, you need a dedicated Data Protection Officer. The DPO will likely be the first point of contact for regulators, so needs to be central to all GDPR activity.

As the advocate of the data subject’s rights and interests, the DPO plays a significant role in improving customer experience and building trust.

How does GDPR affect Marketing?

Marketers need to review their marketing strategy in the context of GDPR. The regulations may disrupt their plans for a more personalised customer journey.

GDPR is a marketing opportunity. GDPR entails a responsibility to address issues that may be inhibiting effective marketing, for example by means of data cleansing and the elimination of dysfunctional data “silos”. It is estimated that poor data can reduce company revenues by as much as 6%.

How does GDPR affect Data Analysts

Data analysts play an exceptionally important – but sometimes overlooked – role in how data is used. They are critical in ensuring compliance with GDPR. Through the use of algorithms and statistical methods, they are typically responsible for creating the most complete views of customers and other data subjects.

Analysts’ work is the basis for future competitive advantage – for example through predictive analytics based on consumer preferences and habits or by leveraging data generated by internet of things (IoT). All of this is covered by GDPR. It is therefore vitally important that analysts have input into decision-making around GDPR.

Get started on your GDPR journey

Let's discuss why analytics and data management should be at the heart of your GDPR strategy – and how you can build a roadmap that ensures your compliance while enhancing your competitiveness.

Get started