The Bright Side of GDPR: Better Data Practices Build Trust

A new report from the Enterprise Data Management Council makes the case that strong data management practices prompted by the General Data Protection Regulation could have effects beyond simply complying with the EU's rule.

If you’re just now starting to take steps to implement changes ahead of the General Data Protection Regulation, you’re probably too late to get things ready in time. (May 25 is just around the corner!)

Despite all the chatter and frayed nerves over the European Union’s new regulatory framework for protecting personal information  in the digital age, GDPR might lead to something positive for organizations large and small: a greater level of trust resulting from better data managment.

That’s a key point underlined in General Data Protection Regulation (GDPR): The Role of Data Management [registration], a new report by the Enterprise Data Management (EDM) Council. Like GDPR, the organization has a global reach—200 member organizations around the world—and many of the council’s stakeholders took part in putting together the report, which analyzed 32 data implications over 48 separate data management requirements.

Among the categories of requirements discussed in the report: data subject rights; data handling; training; accountability and governance; security and confidentiality; change management; and assurance and monitoring.

Notably, the report highlights the potential positives that compliance with the regulation could bring to organizations:

While GDPR is a regulatory mandate, if executed effectively there is significant business value derived from the resulting … enhanced customer relationship. The GDPR regulation requires a process of interaction with a customer that delivers transparency, customer empowerment, efficient portability, and data quality. These are all opportunities to deepen the relationship and develop trust, providing a positive customer experience in order to drive profit and gain competitive advantage.

But those results will only come if multiple parts of the organization—not just the data management team—are involved. “GDPR requires all the lines of defense … to work in concert to ensure the organization achieves the outcome of valuing and protecting customer privacy and data,” the report adds.

The EDM Council said it will look at different attempts to execute on the GDPR data frameworks and update its guide accordingly. The council also highlighted its own Data Management Capabilities Assessment Model, a set of criteria for evaluating data governance.

In a news release, EDM Council Executive Director John Bottega said the collaboration that led to the report was a model for the industry to follow.

“This is an important example of how the EDM Council continues to collaborate with industry experts in order to bring value to its members and to all industries impacted by GDPR,” Bottega said.

(lucadp/iStock/Getty Images Plus)

Ernie Smith

By Ernie Smith

Ernie Smith is a former senior editor for Associations Now. MORE

Got an article tip for us? Contact us and let us know!