Interview: Ian Gotts Explains what GDPR Means for Admins

By

Today on the Salesforce Admins Podcast we’re talking to Ian Gotts, founder and CEO of Elements.cloud, to find out more about GDPR and processes for large organizations. For February and March, we’re setting our sights on productivity with a series of topics to help you focus on being a productive Admin and how you can deliver productivity to your users.

Join us as Ian Gotts explains how GDPR affects you whether you’re in the EU or not, and why you should view it as an opportunity and not a hassle.

You should subscribe for the full episode, but here are a few takeaways from our conversation with Ian Gotts.

The basics of GDPR

Ian is the CEO of Elements.cloud, an ISV running on AWS but tightly integrated with Salesforce. He joins us on the podcast to talk about General Data Protection Regulation (GDPR), a European data privacy standard. “Our data is now spread over the world in multiple systems,” Ian says, so it’s time to update our privacy laws.

The regulations are due on May 25, 2018, and the fines are up to €20,000 or 4% of global revenue, whichever is higher, so it’s probably something to stay on top of. “There are about 100 clauses and I think I’ve read all of them, which makes me not all that fun at parties,” Ian says (Gillian disagrees). “The principle is privacy by design,” Ian says, “you need to build privacy at the center of the way you manage your customers’ data.”

In the US, data privacy tends to be opt-out, as in companies will use your customer data unless you opt out. GDPR flips that on its head— customers have to explicitly give permission for companies to use their data. The thing is, even though it’s a European standard it applies to any companies that are holding European data, whether you’re in eCommerce, software, higher ed, or travel hospitality.

Think about the benefits, not the fines

With regulations, Ian advocates a different perspective: “Think about benefits, not fines.” 4% of revenues is a big enough number to get your CEO’s attention, “and that can start to drive some of those projects that we want to get driven.” The other thing is that, while it’s a European standard, Ian thinks it’s likely to be the global norm in the next five years. “Getting a jump on this drives up our reputation with our customers, and the act of getting rid of that data which you shouldn’t have means you’re clearing out your databases of dead email addresses, so you can build a proper engagement with those customers,” Ian says.

The bottom line is that finding a way to comply actually pushes you to improve as a company. As Ian says, “Those people who do compliance well actually get a better-run business.” It’s about coordinating your marketing, sales, and customer service departments, and GDPR is just a catalyst.

The three jobs an Admin needs to do to comply with GDPR

“There are about 13 clauses in GDPR where there are specific things you have to go and do,” Ian says. For example, if there’s a subject matter access request you have 30 days to be able to tell a customer everywhere you hold their data. For a data breach, you have 72 hours to report it. “There are things you’ve got to better, there are new processes you need to put in place,” Ian says, “but there are a whole bunch of other processes you’ve already got that you need to improve on.”

For Salesforce Admins, there are basically three jobs. One, you need to start thinking about how Salesforce gets used inside your organization. How does the lead to opportunity process work? What about the sales support process? At what points are you going to need to ask for consent?

Secondly, you need to build a data inventory. “This is the scary one,” Ian says, “because you’ve got to go and identify every field in your company where you hold customer data.” Finally, make sure that you’re leveraging those fines to make sure that you can make some serious changes to your Org. The important thing is that this is a long-term change, “GDPR isn’t just for the 25th of May, it’s ongoing,” Ian says, “so you’ve got to find some techniques for how you’re going to manage those customer data fields when people start to add new fields or new objects.”

Resources:

Twitter:

We want to remind you that if you love what you hear, or even if you don’t head on over to iTunes and give us a review. It’s super easy to do, and it really helps more Admins find the podcast. Plus, we would really appreciate it.

Love our podcasts?

Subscribe today on iTunes, Google Play, Sound Cloud and Spotify!

What Should Salesforce Admins Know About User Learning Styles?

Today on the Salesforce Admins Podcast, we talk to Lisa Tulchin, Senior Curriculum Developer at Salesforce. Join us as we chat about user learning styles and how to use them to create better training sessions. You should subscribe for the full episode, but here are a few takeaways from our conversation with Lisa Tulchin. Choose […]

READ MORE