Although considered a necessary nuisance by many organisations, the importance of the new GDPR legislation really came to light in the last few days, with Facebook stocks plummeting by 6% because of bad PR resulting from the Cambridge Analytica scandal. Facebook is desperately trying to prevent the word “data breach” being used in conjunction with the Cambridge Analytica scandal.
If a data breach occurred is irrelevant at this stage as the PR damage is already done by Facebooks name being in the same headline as the word “data breach”. This should send a shiver through many organisations and get them to carefully assess where they share data and how long this data is stored for and when is it supposed to be deleted and was it deleted as per the agreed timeframe? Another major question is whether consent was obtained for the purpose the data is now being used for?
As companies throughout Ireland are preparing third party data sharing agreements to become GDPR compliant, by engaging in the GDPR process they are helping to build trust in the corporate brand. The GDPR process also makes firms think twice about oversharing information to processors and other data controllers. It also gets firms thinking about the prudence of purchasing third party information where the implied consent may be quite hazy. The act of compiling a series of GDPR policies and procedures will help protect your brand, which is extremely important that when one considers that a recent Accenture report found that “in the US, 41 percent of customers who switched providers did so as an issue of trust”.