For all the talk about the burden that privacy regulations might place on businesses, it turns out that those regulations actually can help companies leverage their data.

Guest Commentary, Guest Commentary

November 27, 2018

4 Min Read

In a recent Forbes article, author and NewVantage Partners CEO Randy Bean wrote that “over the last decade, nearly three-quarters of Fortune 1,000 companies have been replaced,” arguing that these companies fell from this coveted list due to not being data-driven. To compound this sobering news, the article also mentioned another amazing stat: “79.4% of executives report fear of disruption by data-driven competitors.” That means that these executives know that properly managing data is the key to success, but they just aren’t sure how to do it.

The term “data-driven” is one that has been used a lot lately, perhaps almost as much as “big data” a couple years ago. But what does it mean to be data-driven? Opinions may vary, but the overriding thought is that all data has value, and an organization must act on it. Whether it be social media data or data from sensors, for organizations to survive today they must think in terms of how the data they collect can be analyzed for either operational efficiency or revenue generation. It is no longer feasible to think in terms of just storing data with no plan for how it can improve your business. Those organizations that don’t think and act in a data-driven way will find that their competition is doing so – and they will lose in the long run.

It all seems simple, right? An organization just needs to collect the data that flows into their company, apply analytics, and they are ready to be data-driven. As you can imagine, it isn’t that straightforward. Now, a new wrinkle is taking center stage, data privacy. Organizations are quickly learning that not addressing data privacy can lead to large fines and perhaps the ruin of their reputation. Brought on by regulations such as the General Data Protection Regulation (GDPR) out of the European Union, California's new Consumer Privacy Act, and scandals such as Facebook/Cambridge Analytica, people worldwide are understanding their data rights and will not be hesitant to act.

In fact, the Information Commissioner’s Office (ICO), the UK’s independent body tasked with upholding information rights, experienced an 82% increase in data protection complaints from individuals in the months following the implementation of GDPR. In May, prior to GDPR going into effect, the ICO received 2,310 complaints. By July, complaints reached 4,214.

Are data privacy and analytics mutually exclusive?

With the dawn of data privacy upon us, the serious questions from organizations have begun: Will our analytics program need to be scaled back? Will data privacy prevent us from being data driven? Can analytics and data privacy even coexist within the same organization?

These are all fair questions from organizations that want to put their customers first. But to be clear, data privacy and analytics are not mutually exclusive. With individuals now considered “owners of their data,” organizations must:

  • Respect the rights and wishes of their customers (i.e., rights to access, query and erase personal data held by organizations).

  • Build privacy by design into all their processes (meaning, start software development with data protection and data privacy in mind).

  • Ensure that all individuals within the organization know their role in keeping customers’ data secure and private.

These steps are all essential in the era of data privacy, yet they shouldn’t preclude one from seeking out how analytics can benefit their organization. Analytics by its very nature depends on well-managed data to create the best insights – working toward data privacy is an enabler to such a goal.

One company that puts data privacy first, and yet is still very much using analytics to improve its business, is Interamerican. As the largest insurance provider in Greece, Interamerican was required to comply with the GDPR deadline of May 25, 2018. During their data privacy path, they learned something interesting: Not only did complying with data privacy regulations not hamper their analytics efforts, it enhanced them.

“The new GDPR requirements gave us the opportunity to invest and boost our data ecosystem,” said Xenophon Liapakis, CIO at Interamerican. “New tools, expertise and knowledge are used not only to comply with regulations and protect our data, but also to advance our data management practices by providing extended capabilities in data analysis.” 

Organizations shouldn’t fear data privacy regulations, but rather view them as an opportunity to develop stronger data management practices that will lead to increased productivity and better understanding of how to serve their customers.

Better data, for better analytics – the direct result of data privacy programs and analytics working together.

Todd Wright, Global Lead for GDPR Solutions at SAS, has 15 years of experience in data management software, including sales and marketing positions at DataFlux and SAS.

About the Author(s)

Guest Commentary

Guest Commentary

The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT professionals in a meaningful way. We publish Guest Commentaries from IT practitioners, industry analysts, technology evangelists, and researchers in the field. We are focusing on four main topics: cloud computing; DevOps; data and analytics; and IT leadership and career development. We aim to offer objective, practical advice to our audience on those topics from people who have deep experience in these topics and know the ropes. Guest Commentaries must be vendor neutral. We don't publish articles that promote the writer's company or product.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights