Research Reveals Hidden GDPR Risks to U.S. Firms
The following article was originally published by Printing Impressions. To read more of their content, subscribe to their newsletter, Today on PIWorld.
RANCHO SANTA MARGARITA, Calif. - May 15, 2018 - Melissa, a leading provider of global contact data quality and identity verification solutions, today announced highlights of its new research showing U.S. companies are still unprepared for the E.U.'s General Data Protection Regulation (GDPR). NAPCO Research and Melissa surveyed U.S. companies with annual revenue greater than $10 million regarding their understanding of and preparedness for GDPR, uncovering two areas where companies are significantly exposed to legal risk by these new regulations. Penalties go into effect on May 25, 2018, and non-compliant organizations risk triggering fines up to €20 million or 4% of global revenue, whichever is higher.
Survey results demonstrate that most U.S. companies do not adequately understand the challenges of GDPR, particularly the "right to be forgotten," guaranteed by Article 17 of the new regulation. Companies also have a false sense of security that their current single customer view (SCV) platforms such as customer relationship management (CRM), customer information file (CIF) and master data management (MDM) customer hubs will be adequate for GDPR compliance. In reality, the strict fuzzy record matching configurations of current SCV platforms were not designed to meet the looser fuzzy match requirements of GDPR.
Detailed insights on the NAPCO Research and Melissa survey are featured in the current issue of Melissa Magazine, downloadable here. The survey report includes guidance on strategies to address these GDPR risks, including empowering an individual to oversee GDPR compliance, conducting a GDPR Right to Erasure Risk Audit, and auditing various SCV platforms for their ability to locate all versions of any E.U. resident's record quickly and thoroughly.
Real-world responsibility for executing GDPR's complex changes in business processes varies wildly among Melissa's survey respondents. The role of Data Protection Officer, a critical "iceberg lookout" seat, is empty for most organizations' GDPR compliance teams.
"Embracing the smart data tools and support that are right for your enterprise is not a static commitment. GDPR turns some common data quality concepts on their head, and the scope of the danger may catch more than a few enterprises by surprise," said Ray Melissa, president and CEO, Melissa. "Melissa continually works to expand the role of enterprise data quality worldwide, and our GDPR research demonstrates the critical nature of this effort."
Before GDPR, false-negative match errors could be dismissed as minor mistakes with limited negative business impact, such as a customer or prospect receiving duplicate marketing messages, or creating a slight skew in analytics. And yet, a full 40% of respondents reported that they do not even track these errors. That false sense of security is leading U.S. marketers to underinvest in GDPR compliance initiatives. "More than 70% of our respondents either did not know what their company was allocating towards GDPR compliance, or said no specific GDPR budget had been established. Another 13% are allocating less than $1 million to these efforts. Overall, only 14% are allocating more than $1 million to GDPR compliance. These figures drive home the significance of the blind spot companies have to their GDPR compliance risks," added Melissa.
In addition to the jeopardy of undocumented false-negative errors, companies can't erase what they can't find. This is a critical factor in meeting the GDPR ruling, which requires companies to reliably find all of a customer's or prospect's data regardless of variations and data quality errors in name, address, email, phone number and other traditional record match attributes.
Click here to download the current issue of Melissa Magazine, including the full results of the NAPCO Research and Melissa GDPR survey.
The preceding press release was provided by a company unaffiliated with In-plant Graphics. The views expressed within do not directly reflect the thoughts or opinions of In-plant Graphics.
