Aligning InterAction with your GDPR-compliant processes
The introduction of the EU General Data Protection Regulation (GDPR) on May 25, 2018 calls for significant changes to the way you collect, process, and secure individuals’ personal data. You’ll want to ensure that your InterAction® customer relationship management solution is correctly configured to support your GDPR-compliant data protection and consent processes. LexisNexis® can help you demonstrate that you have considered the impact of GDPR and that you are taking the steps needed to make appropriate changes to your systems and processes with an InterAction GDPR Readiness Review.
EU GDPR: THE RESPONSIBILITIES
Organizations that collect, process, and secure personal data about EU citizens must abide by the GDPR’s six privacy principles:
- Lawfulness, fairness, and transparency of data processing
- Purpose limitations of the data held
- Data minimization — data is adequate, relevant, and limited to what’s necessary in relation to the purposes for which it is processed.
- Accuracy — data is accurate and kept up to date
- Storage limitations — data is kept for no longer than necessary
- Integrity and confidentiality — appropriate security is in place to protect against unlawful processing or accidental loss, destruction, or damage
What’s involved in a GDPR Readiness Review?
An InterAction GDPR Readiness Review consists of the following stages:
Decision-Maker Workshop: This is a collaboration to establish your current situation and review your plans, with a focus on your GDPR processes. This will empower us to support you and help you make the decisions required to meet the GDPR requirements.
Configuration Review Workshop: Here we’ll work with you to review your InterAction solution, assessing both its configuration and its alignment with your GDPR processes. You’ll receive a report on our findings with recommendations for action.
Follow-up meeting: Schedule a session with your LexisNexis Client Advisor and Consultant to review your report and make sure you understand the recommendations. Then we’ll work together to help ensure you’re able to comply with GDPR.
What’s covered by an InterAction GDPR Readiness Review?
LexisNexis can provide recommendations on how to configure InterAction® to help meet your GDPR process requirements by:
Satisfying conditions for processing of personal data in relation to your agreements with clients, suppliers, intermediaries, experts, referrers, or alumni, and their consent.
Identifying and handling contacts where there are no conditions for processing personal data.
Working through all of the avenues for entering contacts and the fields available, as well as satisfying the conditions for workflow and lifecycle of a contact.
Discussing the processes, checks required, and limitations around adding new joiners’ data to InterAction. We’ll examine the implications of importing other data such as purchased lists and data gathered via joint marketing events.
Reviewing the data you hold in InterAction with an audit of all fields (hidden and unhidden) and how they’re used.
Reviewing current processes for marketing consent, and discussing potential new processes for obtaining a contact’s consent to receive different types of marketing communications.
EU GDPR: THE OPPORTUNITIES
GDPR compliance is about much more than avoiding financial penalties and reputational damage; it also opens up a range of new opportunities, such as:
- Improved data quality – Cleaning data to help ensure its accuracy on the run-up to GDPR will help raise the quality of your client and prospect database.
- Increased client confidence – Greater transparency in the way you collect and use data can promote trust and loyalty from your clients and increase their willingness to share more data with you.
- Stronger competitive advantage – Your GDPR processes, along with stronger client buy-in and data accuracy, could lead to new business opportunities through highly targeted and personalized marketing campaigns.