Page 35 - AeM_May_2017
P. 35
LEGISLATION
In the future, customers and data protectors will general- look for a provider who is hosting customer data on
ly get more attention, which is why the new regulations EU soil and does not leave a backdoor open for US
need to be treated with particular care and the analysis authorities. Anyway, marketing managers, who are
of all processes that affect personal data requires funda- looking for a secure CRM provider, should be up-
mental rethinking. front with in negotiations and have preliminary
checks to find out which providers are working with
The following few steps are important for marketing data protection.
managers:
• Certifications are a fourth step towards a data-
• The first step is to analyze the data transmission compliant company, which means that the compa-
paths and processes to quickly identify where action ny complies with certain security requirements. The
and support are needed: Companies that work with certification according to ISO 27001 is often the
personal data are obliged to ensure that there is no basis as it proves that the management systems
unauthorized access to their data or technical facili- used meet international security requirements. But
ties, meaning they must make both technical and there are many more certificates available and
organizational arrangements for their services. An there is even a European seal of quality called
approved encryption method is important to protect ‘European Privacy Seal’ (EuroPriSe). I’d suggest
all personal data from external attacks and policies asking concrete questions regarding certifications,
for advertising and rules for explicit consent to the as it will immediately sort out certain contract part-
processing and storage of personal data after ners.
changes in the conditions of use must be put to the
test here. My appeal to all companies and marketers who work
with sensitive customer data respectively: Rethink pri-
• Communication takes place in the second step: Em- vacy - it is not your enemy but your friend – as data
ployees and partners are sensitized for data security protection is brand protection! Investing in secure data
and even small businesses should appoint a data pays off because customers and partners appreciate
protection officer. This person should work closely the efforts.
with the marketing community and make a strong
commitment to comply with regulations and guide- You have still more than a year left to become compli-
lines. The priority is to interest employees for the ant, since the application date is 25 May 2018, but it’s
topic of data protection and to provide them with not very long considering two things. The first is that
know-how and training, since they are the ones who compliance with data protection laws requires a precise
ultimately have to work with new data transmission understanding of data processing activities, including
technologies, security systems and procedures. knowledge of the cross-border outsourcing of data pro-
cessing that can take place. Not to mention that some
provisions of the GDPR require a further interpretation
• In the third step, suppliers and service providers to be applied in specific sectors.
should get involved. CMOs should confront their
data hosts with legal requirements that they must So, keep things moving! ◊
adhere to. If this is not the case, it is important to
By Daniela La Marca
MediaBUZZ Pte Ltd - Independant ePublisher for Asia