With over 18 years of expertise, "Privacy by Design" has always been PossibleNOW’s mantra. Now it needs to be yours if you do business in the European Union. The GDPR implementation has been the largest change in privacy regulations in over a decade – and long overdue. Even though it went into effect in 2018, many companies are still confused about how the regulation impacts them and their businesses processes, and severely underestimate how badly the fines and consequences could impact them for noncompliance. PossibleNOW’s GDPR compliance solutions & services are here to help.
The General Data Protection Regulation (GDPR) is a regulation that is intended to strengthen data protection for individuals within European Union (EU) countries. The GDPR went into effect on May 25, 2018. The primary objectives of the GDPR are to give people more control over their personal data, to help protect personal data from the risk of loss, and to unify regulatory privacy and data requirements within the EU.
It is vital that any organization who conducts business in the EU understands the overall design of the GDPR and why preparing their technology and processes now for this new legislation is so critical.
Today's technology is much different than it was 20 years ago. No one could have predicted how the Internet, smartphones and the widespread use of social media applications such as Facebook, LinkedIn and Twitter could have global implications. The ability for consumers to consent to receive communications is long overdue and increases customer trust and engagement.
With the GDPR implementation, data breaches must now be reported immediately (within 72 hours of the discovery of the breach). The GDPR was also necessary to enact a uniform data security law across the EU. Each EU country will no longer need to pass their own legislation for data security; the GDPR will be the guiding law. However, EU countries can still regulate certain types of data such as health data.
If you are currently doing business in the EU, you may already have privacy processes and procedures in place. But will these hold up to the new GDPR regulations and requirements? For instance, the GDPR has set a higher standard for consent to communicate with customers. To ensure that your business is GDPR compliant, it is essential that you review your consent policies and procedures to verify that these meet the new higher standards.
The risk to your company? High levels of fines (which can be as high as 20 million euros or 4% of your total worldwide annual revenue, whichever is higher) as well as damage to your brand and reputation. But GDPR compliance could be a good opportunity for your brand as well. Customer trust is an evolving issue with ever-increasing data breaches reported around the globe. Enhancing your consent and privacy practices helps ensure that your company won’t be one of those on the news.
With our GDPR compliance solutions & services, PossibleNOW and our sister company, CompliancePoint, can help you determine your preparedness and then recommend appropriate action. Get started now!
The first step to GDPR compliance is understanding where your company is today. PossibleNOW's Eric Holtzclaw discusses this step.
Looking for an out-of-the-box solution to comply with GDPR’s consent management requirements quickly?
Our GDPR Consent Quick Start Program enables companies to deploy consent capture capabilities, providing the ability to comply with GDPR consent collection requirements. Utilizing functionality of MyPreferences, our solution provides the ability to capture and correct consent at a granular level, transactionalize the consent, and maintain consent history and the disclosure language used.
The GDPR Consent Quick Start Program implements out-of-the-box functionality to comply with consent management regulations quickly, as well as the ability to expand the functionality, design, and reach across the enterprise, allowing for full utilization of the MyPreferences consent and preference management platform.
The Quick Start Program uses a consent management portal that provides:
It’s no secret that the marketplace has exploded with band-aid solutions for GDPR consent compliance. But the liability associated with the new GDPR regulation is significant, and most large companies know they need a scalable platform that can capture, manage and archive consent across channels and across the enterprise.
The Quick Start Program addresses key requirements as listed in the Global Data Protection Regulation such as:
GDPR also has specific requirements for data governance such as data access, rectification and erasure as well as integration of that data across enterprise systems. PossibleNOW and RedPoint Global have introduced a new strategic product offering to meet these needs.
RedPoint Global, through its market-leading Customer Data Platform (CDP) capability, provides the ability to connect customer profile data from disparate systems and data stores across the enterprise. In addition to the consent capture capabilities provided by MyPreferences, data subjects can now perform several more actions related to their profile data as listed in the General Data Protection Regulation:
These actions in turn update relevant corporate databases within the enterprise and provide the data subject a confirmation of all completed actions.
The combined solution of PossibleNOW and RedPoint Global addresses key requirements related to management of personal data, collection and maintenance of consent data, recordkeeping and reporting as listed in the following articles: