To the sprinters, the spoils!
The sheer complexity of data protection compliance can make it seem hard to get anywhere fast, but it is possible to get a lot done in a short timeframe, explains Wendy Spires, Consultant at data privacy tech company Trace.
As anyone experienced in this fiendishly complex area of compliance will tell you, data protection is an endurance sport which calls for organisations to stay on top of continually changing rules - and risks - that affect virtually every element of their operations. But while it certainly is a marathon, we’re increasingly seeing our client cover impressive amounts of ground via our “sprint” offering.
Organisations often split into two camps on their data protection today: those who view their GDPR programme as a “one and done” effort which can safely be consigned to the mists of 2018 and those more correctly see compliance as a continual process, but who are frequently daunted by about taking those first next steps.
At Trace, we pride ourselves on being both technically and commercially aware, so that our clients can leverage best practice in data compliance as a competitive advantage. But that also extends to seeing how clients can most fruitfully work with us. For start-ups and scale-ups, dedicating huge amounts of time and resources to data compliance isn’t always option, yet they need quantifiable results, fast. Enter our sprint offering.
Like many of our clients, smartKYC is at the cutting edge of technology as a provider of intelligence monitoring solutions which utilise AI. Also like others, it works in a hotly contested field. Maintaining the highest quality compliance is non-negotiable, but so too are staying ahead of competitive pressures and making data protection really work for the business.
Full steam ahead
By delivering a highly focused, yet flexible sprint programme, Trace was able to showcase the full benefits of our model and bench strength. And it was full steam ahead right from the start.
Our initial data protection audit was enriched by a deep-dive discovery session with management to confirm and lift up new areas to tackle to form a roadmap for the next year. This laid out, we then set about key tasks for the near term.
First among these was to get smartKYC up and running with the Trace privacy management platform, so that Records of Processing Activity and other key documentation were built – and ready to be built further upon. We then drew on our internal auditing and accreditation expertise to tighten smartKYC’s infosec policies and procedures, while also advising on best practices in data retention, human resources, data transfers and more. We were even able to squeeze in some highly valuable work on data ethics and future developments on the technological side.
In short, we were able to get smartKYC’s data compliance programme in pretty good shape in a matter of just a few days – and completely bust the myth that compliance has to be a gargantuan effort, and if you can’t do that then it’s best alone.
With the right focus and a team which understands your business quickly, we are proof that you can get a lot of mileage out of just a few days of support. The prize is staying on the pace on the pace of compliance without a huge commitment in time or costs. We say: to the sprinters, the spoils!