The general data protection regulation (GDPR) will change the way companies handle data. The regulation aims to protect user's personal data. This seems like a disadvantage for businesses, but change can bring as well new opportunities.
Our lives become more and more digital. This digitalization enables us to track a tremendous amount of data. Connected devices start to enter the mainstream. This will bring a new wave of data points. While all this data provides huge potentials for new businesses, it caries as well a tremendous risk to people's privacy.
Until the GDPR, the EU only provided lose guidelines for companies and how they handle people's data. Those guidelines are from the mid-nineties before the internet and digitalization became mainstream.
Our lives changed since then. We need new arrangements to handle users personal data.
The GDPR puts users back in control. The relationship between users and businesses will change. It is up to us to define if this change elevates or demotes business.
We, as a society, need to come to new agreements on how we handle data. To redefine the relationship, between business and users, we developed a framework that is focusing on 3 main pillars: protect, educate and facilitate.
Clarify intentions and manage customers the outcome expectations.
Help your customers to understand why you need certain information, what you will do with it and what they can expect in return. When customers can understand the relationship between provided information and received outcomes, they will ensure accurate information.
Build trust, safeguard users data and your company's interests.
Secure your assets and thereby your customer's data. Assess the sensitivity of the data you are dealing with and put appropriate measures in place. Explain to your customers what you do to safeguard their information. Only when they feel their information are save they are sharing with confidence.
Enable your customers to manage their own data
Enable your, customers, to take responsibility for their data. Give them access and help them to add relevant information and edit or delete incorrect data. Provide abilities to create data synergies with other services. when you put your customers in control, they will take responsibility and ensure a high data quality.
The GDPR puts users back in control. This might seem bad for business but can be seen as an opportunity. The need to be able to explain why information is needed can help to sharpen the proposition. The need to limit data collection to only service relevant information can reduce overhead. The need to enable access to data can lead to synergies with other companies.
01 Educate - Help your customers early in the journey to understand the value and what you need to deliver this. Clear expectations and explanations during the sign-up and setup phase will avoid disappointment once they start to use your service. When you enable your customers to understand the value, they will provide more reliable data, which will lead to more accurate outcomes.
02 Protect - Customer's data is an essential part of most companies offerings. To make your customers comfortably to share their personal data, you need to demonstrate that you handle their information with care. Only when your customers believe that their data is saved from leaks or breaches, they share with confidence.
03 Facilitate - Allow your customers, to manage their own data. When people start to use a new service, they might withhold certain information because they do not understand it's full potential. Enable easy access to the given data and maybe its derived information. Enable them to correct or even delete (in their eyes) wrong information. Help them to use their data in with other services. If the value is clear, it is in their own interest to keep their data accurate and relevant.
Data protection - Rules for the protection of personal data inside and outside the EU https://ec.europa.eu/info/law/law-topic/data-protection_en
Official Journal of the European Union (english pdf) http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN