New season, new data management system?
Why having the right set-up will put a spring in your GDPR step!
Here’s an interesting claim for you: we’re now exposed to as much information in a single day that someone in the 15th century would encounter in their entire lifetime.
Spurious or otherwise, the sentiment rings true – we’re surrounded by data. And lots of it.
Now, as a data controller or processor, imagine how much data you accrue over your customers’ or clients’ lifetimes.
And then ask yourself this: how well equipped are your systems to cope with all that information in relation to the GDPR?
Because there sure is a lot to think about…
It’s only the right system if it’s right for you!
Whatever system you use to gather, process and store your data, it’s highly likely that you’ll want it to do all the things you need it to, and still have the capacity to grow with your business and any new demands placed upon it.
So whether it’s a new CRM system (e.g. Salesforce, Hubspot), digital accounting software package (e.g. Xero, Sage, QuickBooks) or email marketing platform (e.g. Mailchimp), here are 5 things to consider when you’re reviewing your current system and/or looking to upgrade it.
1. Work out what you need it for
It may sound obvious but start with the basics: what data do you routinely collect and why? Where is it stored? Do you use any third-party suppliers and, if so, how secure are their systems and processes?
Knowing everything there is to know about your data processing means that you’re taking your responsibilities and compliance seriously, and, most importantly, doing all you can to safeguard your customers’ personal information.
Taking the time to carefully map all your data means you’ll have everything covered and be in an ideal position to know exactly what type of system will work best for you.
2. Plan what could go wrong
It’s a fact of life that, despite the best-laid plans, things can and do go pear-shaped.
For instance, would you know how to handle the fallout from a data breach? Or the potential pitfalls involved in moving and deleting data?
Carrying out a Data Protection Impact Assessment (DPIA) is an extremely worthwhile exercise to help you identify and mitigate against any potential risks. It’s never nice knowing that things could go wrong but it’s a whole lot better knowing that your system can cope if and when they do.
3. Don’t forget your growth plans
Being proactive is always better than being reactive. So, choosing a system that matches not only your current needs but your future ones too makes a lot of sense.
Does it have the capacity to grow with your business? What sort of staff training and support can it accommodate? In short, is it going to limit you or allow you to flourish?
4. Make your system fit your requirements, not the other way around
It’s very easy to plump for something that ticks most of your boxes. But that’s no real use if the most crucial boxes remain unticked.
That’s why it’s so important to first work out what you need and why; so that you can build from the foundations up – and later avoid trying to get your system to provide functions that it was never capable of offering.
5. The most recommended system may not be the one for you!
Done right, powerful marketing is seductive although it’s good to remember that not all marketing is created equally!
So, rather than taking things at face value and blindly accepting that ‘System X’ is #1 because some great marketing has told you that, do some research so you can make a more informed decision. That way, (and having followed all the points above), you’ll be much more likely to invest in the system and set up that’s right for you.
No need to remain in the Dark Ages!
If you’re still getting your head around the many nuances of the GDPR and how it affects your business, don’t worry – we’re here to help and guide you.
We can talk you through what’s best for your new data management system and advise you on all aspects of data protection and the GDPR.
And so that you don’t end up with information overload, we promise we won’t try and cram everything into just 24 hours!
If you found this article interesting, you may be interested to:
- Watch our "where to start with you Data Protection Impact Assessment (DPIA)" webinar if you are uncertain as to where to start with your DPIA.
- Read our blog "ever heard of a DPIA" where we provide you with some useful pointers on what should be included in a DPIA and some helpful pointers from the UK's Information Commissioner's Office (ICO).
To be kept informed about future webinars and new blogs, why not sign up to our monthly newsletter.
Got Questions...? Contact Us
Until next time...