Organisations waiting for new EU Data Protection laws could risk business advantage and brand trust, says Iron Mountain
January 2015 by Iron Mountain
As new EU rules designed to create a unified landscape for the collection, use and retention of data remain embroiled in political debate, many European organisations remain unprepared for the upcoming changes[i]. These organisations could be missing out on significant competitive advantage, according to storage and information management company Iron Mountain.
In a business advisory paper published to mark World Data Protection and Privacy Day[ii], Iron Mountain stresses the importance of implementing robust data protection measures regardless of the progress of the European data protection proposals. Firms that have such measures in place are proven to have better brand reputations, stronger customer trust and a clear market advantage.
According to Forrester, “In the battle to win, serve and retain customers, data security and privacy have become competitive differentiators.”[iii]
The paper, entitled An opportunity to plan and manage the impact of legal change, helps organisations to grasp the full implications of the new regulation and understand why they matter. Many of the proposals, including arrangements for public sector data, the right of access to data by law-enforcement organisations and the opportunity for international firms to deal directly with the regulator in their home market (the so-called ‘one stop shop’), remain the subject of intense and vigorous debate among EU leaders three years after the legislation was first proposed. The delay in agreement reflects not just the conflicting interests of the 28 Member States but the rapidly evolving world of technology, connected consumers and big data.
“The proposed legislation is very powerful, and its impact will be felt across the world,” said Sue Trombley, Managing Director in Professional Services at Iron Mountain. “Concepts such as consistency of rules and their implementation across borders, the right to be forgotten, and the need for the effective de-identification of personal data to support healthcare and other research, for example, will be closely studied in other geopolitical zones.
“However, with so many of the proposals still in a state of flux, it can be tempting for firms to wait and see what actually makes the final cut. We believe that this would be a mistake. Strong, effective data protection and the responsible, transparent use and retention of data are the hallmark of an ethical organisation. It is an approach that can inspire customer trust just as much as a data breach can destroy it. The equation is simple: trust builds loyalty and loyalty drives sales. Organisations have much to gain from taking action now before the law obliges them to do so.”
[i] 52 per cent of companies, in a study across the UK, Germany and France undertaken by Ipswitch software in October, 2014. http://www.techweekeurope.co.uk/e-r...
[ii] An opportunity to plan and manage the impact of legal change http://www.ironmountain.co.uk/servi...