As always, there's a fine balance between hubris and humility and corporate ethics play a massively important role in determining how a business stays on that tightrope. In two short months' time the European Union's General Data Protection Regulation (GDPR) will have come into effect and many companies will still be struggling to come to terms with its holistic implications.
We're proud to announce that as of 26 March 2018 Hitachi Consulting becomes one of the first companies in the UK to achieve compliance with the BS 10012:2017 data protection standard for its personal information management system (PIM) that sits at the heart of its compliance with the GDPR. Erring on the side of humility, it's crucial for us to have achieved such compliance for all of the obvious reasons of corporate ethics, to live the values of the organisation and to ensure that our people and processes adhere fully to the Regulation's stringent guidelines. But within our burgeoning Retail practice it's also important to identify the potential this presents to those Retailers which are juggling the apparent dichotomies of regulation adherence with the opportunities for leveraging the vast volumes of data built up on customer purchasing behaviour over many years.
So, without wishing to stray too far towards the hubris end of the spectrum it's also important to ask a simple question: if you're a Retail business still battling with GDPR but also desperate to use the insight buried within personal customer data, who are you best to trust - a partner which has achieved BSI GDPR compliance itself and can help you to do the same or someone merely talking about doing so?
For retail businesses the challenge of harnessing technology has never been greater. Data collected over time is hugely valuable if the relevance of its insight can be unlocked using artificial intelligence (AI) and machine learning (ML) but the technical skills necessary to do this are not a typical part of a Retailer's make up. Personalised digital campaign management offers potential for substantial growth and with it improved margins across cross-sell and up-sell opportunities but only if the more prosaic aspects of data quality, governance, security and ownership in the dawning age of GDPR can be fully understood - and complied with. And these technical conundrums are compounded by the necessity to operate in a rapidly-changing omnichannel world full of customers with fickle shopping habits who have become used to instant retail gratification and from 25 May 2018 will have the power to fundamentally change the way that the data held about them is used.
The "gold rush of collecting personal data" will continue. The outcome-based insight it holds will see to that. But the difficult task of knowing which partner to trust to help you to realise the potential whilst staying compliant to GDPR and avoiding the eye-watering potential fines for not doing so just got a whole lot easier...
The gold rush of collecting personal data has built a large security debt over time. The bill has now come due.