Though it’s clear to see that the General Data Protection Regulation, or GDPR might mean big things for the future of communications, many people still underestimate the extent of its reach. Right now, organisations are doing what they can to protect data, but they don’t have the right technology in place. To complicate matters further, a lot of companies are dealing with antiquated systems that don’t offer the right level of protection to comply with GDPR.
The hefty fines and regulations of GDPR aren’t restricted to Europe either, they’re something that needs to be addressed by any organisation collecting personal data from EU citizens. In today’s digital-first environment, pretty much every company might need to comply eventually. While customers consider it simple enough to ask an organisation to forget them, ill-prepared companies have a lot of work ahead of them.
The Changing Channels
The way that customers and businesses interact has changed. Communication tools from messaging apps, to collaboration software and social media have left people switching channels constantly. That means that a typical post on Twitter can quickly become a business transaction over email. Then, when an organisation is asked to remove a person’s details from their system under GDPR, it’s hard to figure out whether the tweet needs to be removed or not.
Companies will be left wondering whether to erase the data and hope for the best, or try to identify exactly how conversations continued, then deny requests because of an existing obligation to record data. Piecing together the conversations that occur over numerous channels and in different mediums can be time-consuming and stressful. However, this is something that today’s companies may well need to address.
Being Sympathetic to the Content
Simply transferring all real-time communication tools that we use today into a legacy format for email to improve long-term storage isn’t something that’s going to work. Instead, enterprises need to be sympathetic to their content, understand how to preserve it in its native format, and understand what it is. Only then will the context or motivation behind a user’s post on Facebook or twitter be understood as an explanation to why a conversation moved from social media to Skype, or mail.
By using contextual data archiving, organisations in the communications industry should be able to look through a single window into all their conversations, and figure out more about the end-to-end story of activities that took place. Rather than simply understanding that a tweet was sent at a particular time, contextual archiving data will allow controllers to see more information, including which communications platforms were used by which people.
Equipped with data that goes beyond a simple time stamp or date, it will be easier for data controllers to access a more complete picture from which they can make a decision about whether or not someone should be erased from a system.
It’s Time to Get Serious About GDPR
Since the consequences of failing to meet with the new GDPR mandate are pretty severe, businesses need to start creating a plan. Companies that fail to comply with the regulation can be fined up to $20 million, or around 4% of their global revenue, which is a cost that makes GDPR difficult to overlook.
The best way to protect yourself against the upcoming fines, is to demonstrate that you can put the right processes and policies in place to offer exceptional security, and that you’ve got the technology to support those policies. If you start to think about the changes that are now required from companies, and the infrastructure needed to comply with GDPR, you’ll be in a better position to address the new privacy regulations that emerge in the long term.
