The rigorous new security and privacy rules encapsulated in the EU’s General Data Protection Regulation (GDPR) are now only months from going live.
In May 2018, retailers face hefty (and potentially business-ending) fines for non-compliance with sweeping new data management obligations. With potential fines of €20 million (£15.3 million) in the frame (or 4% of turnover), UK retailers should now have their systems, procedures and skills constantly under review.
Yet, one software company carried out research that indicates 77% of retailers have still not created an effective GDPR strategy. In fact, many appear to be unclear how the regulation will affect their business operations.
So, what last-minute data management considerations should retail executives be focusing on, in the lead up to May 2018?
Getting the right skills in place – across the business
The GDPR is as much about building skills and awareness, as it is about investing in software and hardware.
Any retailer who still believes that data management is purely IT function needs to seriously re-evaluate their business model.
The competitive advantages to be gained from gathering, sorting and analysing are crucial to business growth. If used wisely and well, data can now inform and improve every aspect of running a retail business; from the stock you buy, to the customer experience, and from your warehouse automation to your financial consolidation and planning.
That means your entire executive team needs an appreciation of the power of data, and the ways to mould it to a leaner, more agile retail business.
Security and data concerns cross-departmental
However, alongside the advantages Big Data brings, comes ever-growing problems with privacy and security.
Just as an appreciation of data’s power is now needed across your management team, so is an understanding of the exponential risks.
Continuing process of control
It’s a widely held view that GDPR compliance is a journey, not a destination.
This involves a constant process of revaluation and measurement. For example, retailers who have executives who work remotely across different sites, will have to ensure that all devices and software used are fully compliant leaving no potential for data loss or misuse.
Marketing teams will have to be scrupulous in planning every new campaign and initiative around the far more exacting opt-in requirements for customer engagement.
The weakest link could be external
Yet all of this new measuring, monitoring and constant alertness still runs the risk of data security problems from an external source.
And it’s not just cyber criminals and malware who pose a threat either. Retailers tend to deal with a myriad of suppliers. Their systems and procedures will have to be thoroughly checked, as the weakest link in your supply chain could be the way you fall foul of GDPR.
Contact us today to discuss retail executive recruitment that builds your organisation’s ability to embrace data, without being strangled by it.