Data Protection Compliance [Recap]

Data Protection Compliance [Recap]

This post highlights a recent presentation by Ted Sfikas and Clint Eagar at Validate 2017, a data governance boot camp hosted by ObservePoint.

Nervous about the upcoming GDPR deadline? You’re not alone—47% of businesses fear they won’t meet the requirements for GDPR.

Many might see GDPR as an unyielding regulation that could cause some serious damage for companies that fail the compliance litmus test. Well, that’s perfectly true.

But on the other hand, glass-half-full opportunists see GDPR as a chance to clean up their act and differentiate their company. Companies who rededicate themselves to data privacy and security could get an edge on the competition by appealing to the customer’s desire for disclosure.

In reality, GDPR could be a blessing in disguise.

Nevertheless, GDPR compliance isn’t any less real, and it’s up to organizations to make the necessary changes.

Here are some tips from Tealium’s Ted Sfikas, Director of Solutions Consulting, and ObservePoint’s Clint Eagar, VP of Data Governance, who recently presented at Validate 2017 about GDPR.

Reign in data leakage

Data leakage is the unauthorized transmission of data (or information) from within an organization to an internal or external destination or recipient. Leakage can happen as a result of piggybacking tags, rogue accounts or other unauthorized means.

Data leakage could be one of the primary issues around which fines may be assessed. Performing your due diligence to uncover and document all vendors on your site is 100% necessary to avoid having the EU throw the book at you.

Tag Initiators allows ObservePoint users to easily map out what tags are firing on their site so they can identify potential threats.

Provide explicit consent and transparency

GDPR requires all data collection and automation to be a fully transparent process, and users must opt in to be included in the data pool.

Consent cannot be implied—it must be freely given, specific, informed and unambiguous. This also means companies must be able to provide verifiable parental consent for minors.

Observe the right to be forgotten

The right to be forgotten gives consumers full control of their own data. Specifically, this means:

  • Upon request, companies must erase personal data without undue delay (24 hours).
  • GDPR requires data portability, meaning consumers have the right to “move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability” (Information Commissioner’s Office).
  • Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

Preparing for GDPR

Without sounding too dramatic, GDPR is upon us, and needs to be dealt with appropriately. To learn more, check out these additional resources:

Preparing for GDPR

Validate 2017 is a hands-on, technical boot camp where data governance teams and analytics professionals hone their digital analytics skills and learn to drive more results with their marketing technologies.

Related Posts

How to Validate Landing Pages for Emails

Landing Page Validation for Emails (LPV4E) is a feature that automatically audits every single link in an email, so you can send confidently.
Read More

CMPs: Why You Can’t Set It and Forget It

This infographic shows you how CMPs and ObservePoint work together to provide continuous cookie validation and consent management.
Read More

Sports Organization Establishes Reporting & Analytics Reliability

A professional organization with a massive tech stack and an impending site migration used ObservePoint to get legacy tech under control and establish automatic Audits for ongoing checks on site health and cleanliness.
Read More

A Guide to Continuously Monitoring Your Consent Management

We’ve taken highlights from an IAPP webinar with OneTrust and ObservePoint to give you a framework for organizing consent management validation: how often you should audit, what to look for, and how to remediate issues.
Read More

How to Remediate Issues Found in ObservePoint

Steps to take when your ObservePoint Audit finds common issues with your website.
Read More

Beyond Setup: Key Steps to Continuous Compliance in Consent Management

Learn why "set it and forget it" is a risky approach and how continuous monitoring can safeguard your compliance efforts.
Read More

How to Validate Landing Pages for Emails

Landing Page Validation for Emails (LPV4E) is a feature that automatically audits every single link in an email, so you can send confidently.
Read More

CMPs: Why You Can’t Set It and Forget It

This infographic shows you how CMPs and ObservePoint work together to provide continuous cookie validation and consent management.
Read More

Sports Organization Establishes Reporting & Analytics Reliability

A professional organization with a massive tech stack and an impending site migration used ObservePoint to get legacy tech under control and establish automatic Audits for ongoing checks on site health and cleanliness.
Read More

A Guide to Continuously Monitoring Your Consent Management

We’ve taken highlights from an IAPP webinar with OneTrust and ObservePoint to give you a framework for organizing consent management validation: how often you should audit, what to look for, and how to remediate issues.
Read More

How to Remediate Issues Found in ObservePoint

Steps to take when your ObservePoint Audit finds common issues with your website.
Read More

Beyond Setup: Key Steps to Continuous Compliance in Consent Management

Learn why "set it and forget it" is a risky approach and how continuous monitoring can safeguard your compliance efforts.
Read More