In our series of ‘GDPR Guide’ blogs, we briefly advise the Chief Data Officer (CDO), Data Protection Officer (DPO), Chief Marketing Officer (CMO) and Chief Revenue Officer (CRO) on how to approach the GDPR. While these guides offer a foothold for dealing with the GDPR, we believe that the true key to succeeding as a data-driven business under GDPR pressure is both simple and surprisingly difficult: cooperation.
Cooperation with the Data protection officer
Cooperation with your Data Protection Officer (DPO) across the company is a first important step to fostering a culture of compliance in your company. Your DPO needs to be able to provide everyone across the business with the knowledge they need to make compliant decisions. To fulfil this advisory role successfully, the DPO needs to have access to all departments, and people across the company need to be open to advice from the DPO. Additionally, employees in all departments should be pro-active in complying with the GDPR, asking the DPO for advice where necessary. Through this open communication, the DPO helps the other departments to keep doing their job in a way that is GDPR compliant.
Departments across the company should also take responsibilities in allowing the DPO to do their job. Employees across the company should provide the DPO with the software and information required for monitoring the company’s activities. Ideally, The Chief Data Officer builds a data stream map and grants the DPO access to monitoring software, while the Chief Marketing Officer provides the DPO with information on consent gathering procedures, and the Chief Revenue Officer responds to the DPO’s requests regarding SEPA numbers and employee ID numbers. It is this cooperation that allows the DPO to be as effective and efficient as possible.
Cooperation between departments
Of course, cooperation with the Data Protection Officer is important, but the GDPR presents the perfect reason to start breaking down all those silos inside your company. As your company implements new regulations and software in the move towards compliance, allowing input from employees across departments can prove instrumental in making the best choices for the business as a whole.
Ideally, if the CDO plans to implement a new data management system (as suggested by the DPO), he also asks the other departments for their input. The marketing department might inform him that a way to manage consent is required, while the CRO might express his wish for a system that ensures data quality. Because the CDO knows what is important in the software besides compliance, he can implement the solution that best suits the needs of everyone in the company. As a bonus, because the marketing department is more aware of the steps taken to ensure customer privacy, they might be able to leverage the CDO’s effort to use it as a competitive advantage.
Cooperation with outside help
While clever utilisation of the knowledge already present in your company will go a long way towards making GDPR compliance a reality, you shouldn’t be afraid to call upon outside help for compliance. Whether it’s knowledge that is not present in your company or a new piece of software that needs to be implemented, outside help can fill the gap of knowledge or resources present in your company. At Datastreams.io, we are happy to help you on the road towards compliance with one of our GDPR-proof solutions. Contact us to find out more or request a demo!