Top 8 Privacy Compliance Topics for 2020: Part 3
In our previous blog post, we covered the third and fourth key topics in our eBook, “Top 8 Privacy Compliance Topics for 2020. And in this blog post, we’ll cover the next two: Importance of Internal Socialization and Coordination, and Privacy Compliance is a like a Perpetual Relay Marathon.
Importance of Internal Socialization and Coordination
What do your sales, marketing, and other people who touch customer information need to know? Vague admonishments to “be careful” or “route all questions to the in-house privacy compliance” expert is not enough.
We recommend improving your marketing and privacy program, not just to expose or highlight compliance. Make it a central theme of your customer experience. Of course, the resources you put into awareness and training will need to be calibrated based on your risk appetite.
Use the following techniques to improve privacy compliance awareness:
- Policy Updates. Start by regularly reviewing and refreshing your privacy and related marketing policies to address the latest privacy compliance laws and regulations.
- Procedure Updates. Tailor these updates to your staff that is most likely to need privacy compliance such as sales, marketing, and customer service. Remember that the scope of your procedures needs to go beyond email marketing.
- Privacy Compliance Request Management. Who will be responsible for answering privacy requests in your organization? If you decide to decentralize this function (g., each sales representative responds for their clients), enterprise-level monitoring is essential to ensure consistent responses.
- Project Management. Aside from small businesses with no exposure, you will probably need to organize a privacy compliance project. We suggest including a change management program as part of that activity.
As you plan your awareness activities, you might be wondering if you can demonstrate 100% compliance in every country where you do business. With changes to existing regulations and new jurisdictions coming online regularly, you’ll need to keep up to date and make regular improvements to your privacy compliance foundation.
Privacy Compliance is like a Perpetual Relay Marathon
In 2018, everyone focused on the May GDPR deadline for a good reason. Authorities would start some level of enforcement activities after that date. As a consequence, marketers assumed they must achieve compliance by the deadline.
In 2020, the CCPA became law, with enforcement starting in July 2020. And at the close of 2019, discussions about federal privacy compliance laws became part of the political dialog in the US. This pattern of meeting new requirements in multiple jurisdictions will likely accelerate, making privacy compliance a series of marathons. In the US, CCPA 2.0 has already begun working its way through the process.
It comes down to the question if privacy compliance is about risk appetite and developing a plan or if it is an opportunity to both meet privacy compliance AND improve your customer experience. Imagine that an EU representative investigates your business. Will you be able to demonstrate that you have the right processes in place to achieve compliance?
Designing a privacy compliance plan needs to take account of the following issues:
- Current CX Maturity. As we discussed earlier, a great CX is a key to improving customer loyalty and trust. If you already plan or are currently implementing CX improvements, building it on a foundation of privacy compliance accomplishes both at the same time.
- Your marketing resources. As you plan your approach, what resources, including internal talent and access to qualified external consultants, do you have?
- Data Audit. Conduct a data audit to understand what data and systems you have in place. We cover this topic in more detail in another section of this document.
- Risk evaluation. Based on probability and impact, evaluate the risk each data source contains. For instance, the data you have in a marketing automation platform such as Eloqua has a higher likelihood to trigger a privacy compliance issue than a handful of business cards.
- Priority-based implementation. Based on your resources and risk evaluation, develop a phased approach to implement privacy compliance.
In our next blog post, we’ll cover the last two top privacy compliance topics for 2020: Collecting and Using Customer Information and Charting an Ongoing Course for Privacy Compliance.
If you would like to get our entire eBook now, click here to download a copy of “Top 8 Privacy Compliance Topics for 2020.”