Privacy Pros: Help Your Marketing Team Get Ahead of Their GDPR Challenges

by Gant Redmon

October 25, 2017

I spoke on a panel at Hubspot’s Inbound conference recently to marketing professionals about the implications of the EU’s General Data Protection Regulation (GDPR) on their marketing activities.

Their biggest concern: the viability of massive contact databases and whether or not new consent must be obtained from each contact owner.

When it comes to marketing to a database, GDPR compliance is all about record keeping and transparency. To be ready for GDPR, marketers need to have a grasp on who is in their database and where they live, and then be able to identify what improvements are needed in order to comply.

There are several lawful ways to market to these databases. First, you need to know what data you have, where it is located, who has access, and how it is secured. From there, you can then choose a lawful purpose for processing the data, to ultimately market to the database. Many think affirmative consent is the only way you can market to names in a database. That is not true. There are several other alternatives to getting consent, including to perform a contract, or because you have a “legitimate interest” in processing the data.

There are many things privacy professionals should be doing to get ready for GDPR – and when it comes to the marketing function, privacy professionals should help guide their colleagues. Here are a few things to have the marketing team think about to get prepared for GDPR’s May 2018 deadline:

  • Are you relying on explicit consent? Under GDPR, you’ll need to document that consent, have an opt-in/out policy, and have methods for subjects to see, modify, delete, and possibly move their information.
  • Have you identified a legal reason to market? You will need to articulate your thinking of that legitimate interest and make it available to data subjects at the point of data collection where possible.
  • Know what your data is, how it’s used, and then balance it with privacy rights. This is the heart of preparing for GDPR. If your marketers can accurately describe the information collected, its use, and balance that use in favor of the data subjects’ fundamental right to privacy and reasonable expectations, they will have built a foundation for GDPR readiness.

Learn more about GDPR and how IBM Resilient helps companies prepare for its May 2018 deadline.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

one × 1 =

View Our Additional Resources

  1. Accelerating SOC Transformation with IBM Resilient and Carbon Black

     

    Accelerating SOC Transformation with IBM Resilient and Carbon Black

    Security Operation Centers (SOCs) today are complex environments. They often have too many separate tools, uncoordinated analysts in the response process, and confusion around alert prioritization. Because of this, SOCs consistently struggle responding to the most urgent incidents.

    Watch Now
  2. Six Steps for Building a Robust Incident Response Function

     

    Six Steps for Building a Robust Incident Response Function

    To overcome today’s top security challenges, organizations are increasingly seeking to orchestrate their incident response (IR). They aim to build agile, measurable IR workflows, increase communication and coordination, and arm their team with the right tools and intelligence.

    Download Now
  3. Intelligent Orchestration: Battling Complex Cyberattacks with the Next Generation of Incident Response and Security Operations

     

    Intelligent Orchestration: Battling Complex Cyberattacks with the Next Generation of Incident Response and Security Operations

    Intelligent Orchestration – the next generation of incident response (IR) – is a powerful security capability that uniquely blends human and machine intelligence with orchestration and automation, dramatically accelerating and sharpening organizations’ response to cyberattacks.

    Download Now
  4. What is Intelligent Orchestration: Ask Ted

     

    What is Intelligent Orchestration: Ask Ted

    Intelligent Orchestration – the next generation of incident response (IR) – is a powerful security capability that uniquely blends human and machine intelligence with orchestration and automation, dramatically accelerating and sharpening organizations’ response to cyberattacks.

    Watch Now