The big wins from our GDPR compliance journey

29 Aug 2018

With GDPR deadline day well and truly behind us, we can all look back and reflect on the benefits and downsides of GDPR, the way it will impact the world of data management going forward, and how the journey to compliance affected us.

For our MD, the journey to reach GDPR compliance brought with it more than an improvement to data management and security.

Read more about how our GDPR compliance journey affected OpenCRM as both a business and a product in his latest article for Business Direction.

This article has also been included in the latest issues of Business Comment, Business Intelligence, and Business Edge.

I’ve had the opportunity to share my thoughts on various aspects of GDPR in the past, but with the 25th May now behind us, I’ve taken the time to reflect on our initial compliance journey at OpenCRM, the steps we took and the big wins we achieved.

Alongside a more robust and sharpened Data Security policy, the process of GDPR compliance has strengthened the way we operate as a business, improved the way we engage with our customers and streamlined the way we collaborate as a team.

The Ripple Effect

It was without doubt that the introduction of GDPR was going to mean a complete evolution of our Data Security policies and procedures, after all, the goal posts had moved. But the nature of developing this process, led us down avenues of further evolution across the business.

Through the new requirements we faced, we found new best practices, technologies and methodologies emerged, allowing us to get some big wins in other areas of the business as well. Discussions around capturing consent lead to new Account Management steps, by exploring how we retain data we found new technology features with cross department benefits and engaging with expert consultants helped to broaden our infrastructure capability.

The Big Win – Evolution breeds evolution; by taking the time to explore new and exciting changes in our Data Security policies other interconnected processes benefitted from the best practices we uncovered.

Enhancing Our Customer Focus

For us, GDPR was a great project as it was purely focused around our customers, ensuring we were doing everything in our power to secure their data. Whilst we all aim to put our customers at the front and centre of everything we do, often our product, processes or people can be cause for the focus to slip.

It helped to reaffirm the clarity of what we do and why we do it. As a software provider, we’re here to build tools that not only help businesses manage what they do but ensure they do it in the right way – GDPR epitomised that and helped remind us of what it’s all about – our customers!

The Big Win – GDPR gave us the opportunity to put the customer at the front of what we do! It helped remind everyone what really matters and re-energised the entire business.

The Benefits of Empowerment

For the nature of our GDPR project in particular, we knew we needed to extend our open company culture to enable us look objectively and honestly at where we were and how we needed to change to meet the challenges. We gave the project the maximum authority it needed to rewrite some key areas of our business, but above that, we gave the project team the authority to challenge all that was put in front of them.

We knew granting this authority would be essential, we needed our team to not be afraid of challenging if something was truly correct or suggest how to do something better. It didn’t matter if that was to one of our newest starters or to me as the Managing Director, we had to apply the due-diligence to achieve the right result.

The end result? A Data Security policy we’re truly proud of and can fully get behind. The level of challenge and scrutiny meant we couldn’t rest on our laurels, we covered all the angles and accounted for the risks.

The Big Win – By giving our GDPR team the maximum authority, we fostered the approach we needed. Hierarchy can undoubtably cause barriers, if you break them down, you can achieve the best results.

Whilst I don’t believe the ICO (or anyone really) has really got their heads around the impact GDPR will have on the tech industry, I’m proud of what we’ve accomplished. Alongside a robust security framework, we’ve felt the wider benefits of an open and enthusiastic project that’s bred evolution in many different areas, empowered our staff to ask questions and helped us set our sights back on what matters, the customer.