In most areas of life, negative motivation alone will not create good results. (If you don’t believe me, ask your employees, or your teenage children – or take a look at what research has to say.) When it comes to data privacy, recent studies show very similar outcomes.
Take the European Union’s strict new GDPR data privacy regulations, which went into effect in the spring of 2018. It featured some of the stiffest penalties to date, with potential fines up to the higher of €20 million or 4% of global annual turnover. But even in the face of this kind of financial risk, at least one survey, one month before the implementation deadline, showed that only 40% of companies expected to be ready for GDPR – and only 7% were actually ready.
Benefits of Investing in Data Privacy
Figures like these are all the more interesting in light of a recent benchmarking study from Cisco that shows that businesses actually gain substantial benefits from making investments in data privacy. The report quotes Peter Lefkowitz, the 2018 Board Chairman of the International Association of Privacy Professionals (IAPP), as saying, “This research provides evidence for something Privacy professionals have long understood – that organizations are benefitting from their privacy investments beyond compliance.”
Fewer data breaches. Among companies that were ready for GDPR, 74% experienced data breaches versus 89% for those companies that were least ready.
Less impact from data breaches. GDPR-ready companies who subsequently experienced data breaches had less than half the number of records affected versus the least-ready companies. They also experienced roughly a third-less downtime as a result of these breaches, and only 37% experienced losses in excess of US $500,000 versus 64% of the least-ready.
A shorter sales cycle. Because customers expect businesses to address their own privacy concerns nowadays, respondents experienced an average sales delay of 3-9 weeks, with 87% of businesses reporting delays in selling to existing customers or prospects.
Greater customer goodwill. According to Peter Lefkowitz, this study demonstrated that strong privacy compliance “increases customer trust.”
Despite these benefits, some companies are still struggling to catch up with GDPR compliance: 37% of affected companies were still not fully ready at the time of the survey, with 9% being more than a year away. But this survey also showed substantial evidence of other good habits of data governance. For example, over a third had a relatively complete catalog of their data assets, nearly a third had a formal chief data officer, and 40% felt they were “effective in connecting different data assets together to create more value for our customers and ourselves.” These habits, in turn, appear to translate to competitive advantage and tangible bottom-line benefits.
So when it comes to data privacy, it looks like psychologists had it right all along: carrots work much better than sticks. So start looking into the many benefits of better data privacy policies in your own organization, sell these goals to your stakeholders, and then use them as a base for your own organization’s efforts. And remember, when it comes to the automated data quality tools to help make these policies work, we’re always happy to discuss your options: contact us anytime.