Regulatory Compliance & Risk Management
3 minute read
Nov 27, 2019
Written by: Laurent Robert
The European Union’s General Data Protection Regulation is just the tip of the iceberg when it comes to protecting consumer data. It’s by far the most comprehensive regulatory guideline to date, and its reverberations are already being felt stateside.
Using the California Consumer Privacy Act (CCPA) as our bellwether, this post aims to provide your organization with four steps you can begin today that will lay the groundwork for implementation.
In response to events such as the personal data misuse by Cambridge Analytica, the California Legislature set out to give consumers greater control over their personal information. The act gives Californians the right to:
These rules might feel crippling, especially for small businesses and startups. And for that reason, the legislation only applies to organizations who meet very specific criteria:
While CCPA doesn’t go into effect until January 1, California-based organizations, and those with a heavy customer-base in the state, are scrambling to stay on top of revisions and build out the organizational infrastructure to be in compliance, or at the very least show a good-faith effort.
The knee-jerk reaction is to approach this solely as an operational challenge. While that may be a short-term solution to meet impending deadlines, those in and outside the California (and Nevada) borders should approach this as both an operational and strategic exercise. As organizations begin instituting mechanisms to better organize and protect customer data, senior leaders need to get into the practice of asking themselves, how do these actions impact our broader business strategy? And, as sensitivity around the topic of customer privacy grows, will this necessitate a broader pivot?
While you ponder the strategic implications, there are several activities organizations that collect sensitive consumer data should be taking now to prepare themselves for this new era of consumer data protection.
Most states and the federal government are still several years away from approving laws that prioritize consumer protection over the bottom line – but consumer attitudes are already there. Starting with your strategy – and beginning to build a culture around the sensitivity of customer data – will help streamline the operational shifts, making the transition to compliance far less difficult.
For those of you beginning this process or looking to begin it, I encourage you to reach out, ask questions and share insights.
When it comes to organizational change, I like to compare change management to something legendary football coach Lou Holtz is quoted as saying “Life is 10 percent what happens to you and ninety percent how you respond to it.” Today organizational change is inevitable. Big or small, all organizations experience change. When it comes to change management, how you respond to organizational change is essential to your success.
Executive Leadership Coaching 2 minute read
Think about how much the tried-and-true adage “a picture is worth a thousand words” says.
Business Analytics & Data Management 5 minute read
Normally, we don’t get confirmation from the National Bureau of Economic Research on whether we’ve hit a recession until long after its start. Whether that confirmation comes sooner during the COVID-19 crisis is beside the point – many experts agree that as of March 2020 we’ve entered a recession.
Business Analytics & Data Management, Regulatory Compliance & Risk Management 4 minute read
Like how we think? Subscribe to have our articles delivered direct to your inbox each month.
Headquarters: 8000 Franklin Farms Drive, Suite 100, Richmond, VA 23229
©2020 Spinnaker Consulting Group. All rights reserved.