Data privacy is a heated topic with far-reaching implications for IT and business professionals. Governing organizations are introducing significant new regulations such as the recent General Data Protection Regulation (GDPR) and Privacy Shield. Existing legislation is also changing, as we saw with the revocation of Safe Harbor.
These rulings vary widely from region to region, and they encompass data management aspects that go far beyond organizational data collection and use to capturing customer consent. What’s more, capturing consent is not just limited to a one-time event when a new customer creates a profile or account. Consent must be confirmed and refreshed as customers travel across regions with different laws and even as users change devices.
GDPR is a good example of how the stringent rules around the collection, consent and use of personal data can affect businesses’ data management practices. To gain an idea of the massive scope of the impact, here is a breakdown of just a few of the consent aspects of the GDPR ruling and the capabilities businesses need to comply:
- Ensure Data Sharing Consent
Individuals must explicitly consent to share their personal data. - Enable User Access to Personal Data
The user must have a right to access the personal data once submitted. - Enable User Self-Management of Personal Data
The user must have a right to edit or modify inaccurate personal data. - Specify How Data Will Be Used
Clearly and concisely explain the use of data rather than rely on lengthy terms of service agreements. - Who Will Receive the Data
Clearly indicate the recipients of their personal data. - Only Collect Relevant Data
Data collected must be relevant to the purposes for which it will be used.
And there is much more, including specific guidelines around data governance and security. It’s complicated, and it’s easy to see why complying with data privacy regulations takes much more than applying region or county-specific policies to your identity data stores. It requires managing identities on an individual, one-to-one basis, and customers must be participants in the process.
This is why identity management is at the center of successfully enforcing data privacy. Identity management provides the capabilities necessary to comply with regulations by enabling data privacy best practices such as:
- Collect and Manage Customer Consent
- Provide Customer Self-Management Features
- Provide Policy-Based Data Access Governance
- Secure Customer Data End-to-End
- Capture Explicit Customer Preferences
- Create an Actionable, Unified View of the Customer
- Support a Multi-Channel Engagement Strategy
In addition, identity management supports one-to-one customer engagement and personalized experiences. Combined with strong privacy protection, it can help businesses gain loyalty and earn trust, critical advantages in the digital marketplace.
ON DEMAND WEBINAR:
Navigating the Customer Data Privacy Minefield
Are Data Privacy and Customer Engagement Mutually Exclusive?
Aucun commentaire:
Enregistrer un commentaire