MWS Group eliminates paper and spreadsheet processes for all kinds of businesses. Whether you're a non-profit drowning in paper or an SMB reliant upon spreadsheets for key processes, MWS Group should be your first stop. We will find the best software for you or write an automated solution on our Rapid-Development Low-Code Platform. Either way, you win.
DEEPER INSIGHTSTransform the Way You Do Business with a Unified Platform for ERP and CRMMost enterprise software applications do not yet have features that deal with the European Union’s new General Data Protection Regulation (GDPR). There are standalone point solutions that address GDPR, but can they really address the challenge given that data exists in many different business applications including enterprise resource planning (ERP) software? The different places data may be housed beyond customer relationship management (CRM) is creating new challenges for companies looking to effectively deal with GDPR compliance. So it is essential that enterprise software delivers native built-in features to enable compliance.
Identifiable customer data is resident throughout your applications, and tracking it, managing it and determining what data you have the right to use is becoming more complex as traditional product-oriented industries pursue products ‘as a service’ — focusing more on services delivered around a product over its lifecycle, as opposed to sale of the initial product itself.
Mission Critical, Even in the U.S.
Many sources deal with the requirements of GDPR at length, and it may make sense to consult your attorney or corporate counsel regarding your processes, but in short, any company handling information about individuals must be able to show that they have the consent of subjects for data processing and practice anonymous data collection to protect privacy. Businesses will also be required to notify subjects of any breach of their identifiable information as well as safely handle the transfer of data across borders. In some cases, they will also need to appoint a Data Protection Officer to oversee GDPR compliance.
EU residents also have certain rights under GDPR, and it is up to anyone handling their data to show they are safeguarding these rights. Violation of these rights may result in stiff financial penalties. Even if an organization does not reside or have a presence in the European Union, a GDPR violation can lead to a fine of 4 percent of your annual revenue or €20 million — whichever is greater.
Servitization Drives Greater Complexity
As product-oriented companies make the transition to more and more service offerings, the amount of customer data they hold will increase, and so will the ways they engage with that data. Rather than marketing a product up to the point of a sale transaction, the relationship with the customer continues under a contract or through periodic additional service transactions.
This increases complexity in terms of tracking which customers have contracts in place and which do not, and treating identifying data differently depending on its contractual status. Customers may also want service history and other historical data transferred to a new vendor, a capability organizations must be able to provide under the new regulation. Any company that issues warranties or service contracts to customers who buy their products will also need to determine their exposure from the resulting data.
GDPR: The Data Challenge
This data can reside throughout your business and is affected by GDPR. Any compliance challenge can be made easier when data is contained in a centralized system of record, but even in a self-contained application, GDPR presents challenges that suggest changes to the underlying architecture and functionality will be necessary to implement to streamline compliance. This is a complex challenge for several reasons.
Just as ERP and field service management software companies have to re-examine their applications in light of regulatory changes and gradual shifts such as the movement of U.S. GAAP towards the IFRS standard, enterprise software companies must evolve their offering quickly to facilitate GDPR compliance.
Most enterprise software vendors will still steer customers towards point solutions integrated with an enterprise software product for compliance. While it will be a challenge, vendors will need to evolve their products to deal with GDPR. This is the most elegant way to achieve key elements of compliance.
Less Data can Create More Problems
Many companies will find they underestimated the challenge of identifying someone from data in their system, particularly if they focus on non-unique identifiers such as first and last name. So, one practical — if seemingly counter-intuitive move — may be to collect more data!
If there are many people with identical names, the company will need to ensure they are processing data for the right person. Destroying the wrong person’s data or handing the wrong person’s data over to an unauthorized person could have serious repercussions. The best way to solve it is to put more personal information in the system. This creates a more unique record and enables you to code it against an index number or field you can use uniquely in your system.
Enterprise software will typically enable role-specific access to information in order to ensure that financial data is viewed or accessed only by approved people. These defined roles can also be used to ensure that only people with a legitimate need to access protected information have the required permissions.
If a customer, employee or other affected party calls you and wants to be forgotten, organizations need to quickly ascertain what personal data is held in the system — and each disparate system represents a potential failure point in your compliance effort. It is also very inefficient to create and attempt to follow compliance processes across multiple systems.
A centralized system of record eases any compliance effort because it gives you consistent visibility and control over who can see content, who can destroy content, what content people have permission to use in what way and how they secured that permission.
As we see how GDPR sends tentacles throughout the structured and unstructured data that underpins business applications, we start to understand that it is essential that enterprise software delivers native built-in features to facilitate compliance.
MWS Group is a technology partner of AgilePoint and many other SaaS vendors We specialize in automating and integrating the manual and spreadsheet processes that inhibit growth.