Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
DataStrategy&PrivacyforB2SMBCompaniesAB2SMBPlaybook:BestPracticesforWinning,Keeping&GrowingSmall-BusinessCustomers
PlaybookContributedby
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 2
AboutB2SMBPlaybooks 3
PlaybookContributors 4
Abstract 5
Introduction 6
TheSituation 7
TheGlobalLegalities 8
TheB2SMBReality 9
PrivacybyDesign 11
TheDatasmartMethod 12
7StepstoEnsurePbD 18
AboutSourceMediaandWardPLLC 19
AbouttheB2SMBInstitute 20
Playbooks19 21
B2SMBPlaybooksprovideactionablesolutionstosomeofthemostcommonissuesinB2SMBsales,marketingandoperations.We’veenlistedsomeofthebrightestmindsinSMB-focusedsolutionstosharetheirbesttactics.
WhoshouldusethisPlaybook?B2SMBpractitionersresponsibleformarketing,sales,productdevelopment,customerserviceordeliveryofsolutionstosmall-businesscustomers.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 3
--ChristianWard,theChiefDataOfficerforSourceMedia,andJayWard,ManagingMemberofWardPLLC,alawfirmfocusedsolelyondataprivacyandstrategy,tookadeepdiveintodatasecurityinapresentationatthe2018B2SMBInstituteGlobalConferenceinChicago.
Thebrotherstalkedabouttheincreasingimportanceofcreatingaproactivestrategytounderstandthevalueofthedatacompaniescollect,exploititresponsibly,andkeepprivacyonlockdown.
TheirplaybookforprotectingdatashowshowB2SMBcompaniescanidentifyandunderstandthevalueoftheirdatainventory,developaframeworkfortheuseofthatdata,andbuildastrategyaroundittoensureconsumerprivacy.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 4
CHRISTIANWARDChiefDataOfficerSourceMedia
JAYWARDManagingMemberWardPLLC
TheProblem:Companieshavelongoperatedwitha“dehumanized”approachtodata,usinganylawfullyobtainedinformationinwhateverwaytheylike.Butwithagrowingfocusondatasecurityaroundtheworldandincreasinglegalliability,B2SMBcompaniesneedtopro-activelythinkabouthowtheyhandleandusetheirclients’information.
TheProcess:UsingtheDatasmartMethod,B2SMBcompaniescantakeaninventorytounderstandandevaluatethedatathattheyareholding,andcreateaframeworkforleveragingit.Aspartofthisprocess,theycanputsystemsinplacetoensurethesafetyofdataassets.
TheResult:“PrivacybyDesign”isawaytosafeguardcustomerdataandprovideprotectionfromliability—butitcanalsoprovidetheopportunityforcompaniesthatemployittobe“BestinClass”fordataprivacy.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 5
--Inthewakeofseveralyearsofhigh-publicitydatabreachesatmajortechcompanies,privacyisincreasinglyonthemindsofbusinessesandconsumers.Asaresult,everyaspectabouthowbusinessesview,storeandmanagedataisbeingreevaluated.
B2SMBcompaniesthatdonothavedirectcontactwithconsumersmaynotthinkofthemselvesasdealingwith“personal”data,perse,buttheycanstillfindthemselvesliableforbreaches,andneedtoprotectthemselvesfromliability.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 6
CompaniesintheB2SMBspacehavebeentalkingforyearsabouttheirwealthofbigdata.“Wehavesomuchdatafromcustomers,frompartners,fromeveryone.Wejustdon’tknowhowtoleverageit…”isacommonrefrain.
Butwhenevercompaniesstarttoreallyleveragethatdatainmeaningfulways,theyinevitablybumpupagainstconsumerprivacyissues.
Mostcompaniesarestillstrugglingwithhowtobuild“privacybydesign”intotheirproducts—muchlessprofitfromit.
IntheU.S.,wehavelongoperatedwitha“dehumanized”approachtodata,believingthatanylegallyobtaineddatacanbeusedforanylawfulpurpose.Butthat’snotwheretheworld(includingtheU.S.)isheaded.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 7
Most c
ompanies !
are st
ill struggling
!
with h
ow to build!
“privacy
by design
”
into their
products —
much less pr
ofit !
from it. !
WhilemanyofusknowaboutGDPR(whichhasimposednewprivacyrulesfortheE.U.),manymaynotbeawarethatothermajorcountriesaroundtheworldarealsoimposingtheirownlawsarounddataprivacy.Hereareafewexamples:1. SouthKorea’sPersonalInformationProtectionActis,ifanything,
evenmorestrictthanGDPR.2. Australia’sFederalPrivacyAct1988appliestoalllargerentities,
regardlessofsector.3. Mexico’sFederalDataProtectionLawappliestoallentities,
regardlessofsizeorsector,andapplieslawfulpurpose,minimization,andtransparencyrequirements.
4. CanadahasPIPEDA,whichisbecomingmorerobustwitheachyear,astheDataProtectionCommissionerexpandsitsremit.
5. Japan’sActontheProtectionofPersonalInformationisaGDPRanalogue,somuchsothattheECandJapanhavereachedtheworld'slargestmutualadequacydecisionondatatransfer.
Meanwhile,othermajorcountriesareapplyingsimilarlaws,andintheU.S.,CalCPAwaslikelyjustthefirststeptowardincreasedprivacy.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 8
Withthisglobaltrendondataprivacyincreasinglyclear,it’stimetoreexaminetwomajormythsintheworldofB2SMB:
1. “MycompanyonlydealswithB2B”
ThefirstmythimpliesthatbecauseB2SMBcompaniesareonestepremovedfromtheendconsumer,they’renotreallydealingwith“personal”data.Butattheendoftheday,allofthedatawearedealingwithispersonal.Theclientisaperson,andtheclienthasclients,whoarepeople.
Meanwhile,SMBsarenotequippedtosolvetheirowndataprivacyissues,andmostwillassumethatB2SMBcompaniesaredealingwiththatforthem.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 9
2.“Theycan’treallyenforcethis[privacy]stuff,right?”
Thesecondmythisalsospecious,becauseenforcementishappeningalready.Butevenwhereenforcementislax,publicrevelationsofdataprivacybreachescanhavesevereconsequences.
Companiesthatviolateprivacylawcanlookforwardtoanaverageof5%lossinmarketcap,regulatoryfinesfrom4%ofrevenuesto$1millionormorefromtheFTC,andadditionalstock/equitylosswhenapenaltyisannounced.
Lastbutnotleast,theseprivacybreachesoftenresultinexpensivelawsuits.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 10
Theemergingconsensusisthatcompaniesneedtoincorporate“PrivacybyDesign”(PbD)intotheiroperations.PbDisanapproachandamethodtoeverythingyoudo.
MostB2SMBcompanies,atcore,areoperatingdatapartnershipplatforms—theseincludeemailmarketing,CRM,CDP,CMS,ERP,DMP,adtech,reviews,contentgeneration,social,accounting,anddocumentstorage.
Alloftheseofferingsareactuallydatapartnershipsbetweenthecompanyandthird-partysuppliers.Asaresult,companiesofferinganyofthesetypesofservicesneedtoemployaplaybookinordertoinstitutePbD.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 11
PbD is an app
roach
and a metho
d to
everything
you do.!
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 12
PROTECTIDENTIFY VALUE
Conductameaningful
inventoryofintrinsicandextrinsicdata
Determinethevalueandriskof
eachofthedatasets
Developaframeworkfor
usingthedatatoleverageitsvalue
Ensurethesafetyofdataassetsandsafeguard
customerprivacy
STRUCTURE
TheDatasmartMethodisjustsuchaplaybook.Companiesuseittofirstconductameaningfulinventoryofintrinsicandextrinsicdata;determinethevalueandriskofeachofthedatasets;developaframeworkforusingthedatatoleverageitsvalue;andensurethesafetyofdataassetsandsafeguardcustomerprivacy.
1. IdentifyUsinga“commoncategoriesapproach,”firstsortthetypesofdatainyourinventory:
� Intrinsicdataisdataproducedbyyourbusiness� Extrinsicdataisdataproducedaboutoraroundyourbusiness� Mapthesystems,thenfocusonthedatasets
Thetreerapidlyexpandsandallowsyoutoidentifydatasetsandpotentialpersonaldata.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 13
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 14
2. ValueItcanbeusefultothinkofvaluesinbuckets—sortingitbetween“barterorcommoditized”data,upthelineto“valuableornascent”data;“highlyvaluableorestablished”data;andthenfinally“uniqueorcriticaldata.”Themainideainthissortingistoprioritize:
� Valuationisaboutpriorityandrisk� Figureoutwhichdatasetsaremostimportant
� Understandwhichhavethemostpotentialrisk(personaldata)
Onceyouhaveidentifiedandvaluedyourdataassets,compilethemintoadatabrieforadictionary.Thiswillbealivingdocumentforyoutoupdateandreferenceandwillsaveyourproduct,sales,andbusinessdevelopmentteamsaworldoftime.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 15
3. StructureOnceyouhavegraspedthenatureandvalueofyourdatasets,youcandevelopabusinessplan,datapartnership,orbusinessframeworkaroundthem.Thiskindofstructureisabouthowyourdataconnectsbothinternallyandwithdatapartnersinlegal,technical,andstrategicways.
UsethisopportunitytoIdentifywhichkindofbusinessplanordatapartnershipsmakesenseforyourcompany,ascertainwhatyourvaluepropositionis,andestablishthekeymetricsforprojectsuccess.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 16
4. ProtectThewholepointofPbDistoprotectdata(andyourself)ateverystageofthebusinesslife-cycle.Thisisanessentialpartofeachofthestepsinyourbusinessplan.Thisiswhereyousafeguardyourowndatasetsaswellastheprivacyandsecurityofconsumerinformation.Protectingyourdataassetsalsoprotectsthoseofyourclients.
Whydothis?GDPRandotherlegalregimesrequireit,customersdemandthatyouprotecttheirdata,andshareholdersexpectthatthecompanyisdoingthis(andwillsuetoenforcethatexpectation).
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 17
Protecting
your
data assets
also
protects th
ose
of your clie
nts.!
SomestepsthatcanhelpensurePbDanddecreasedataliability:
1. HiringadedicatedDataProtectionOfficer(DPO)
2. Deployingadataauditteam
3. Usingdataaccesscontrols
4. Providingdetailedreporting
5. Cybersecuritymeasures
6. Legal/contractualprotections
7. Useofdatascans,crawls,andseedstoalertyouifsomethingisamiss.
Allovertheworld,privacyregulationsaregrowing.Dataisconsideredbymany“thenewcurrency,”butthatalsocomeswithamassiveregulatoryfocusandnewchallenges.
PbDandtheDatasmartMethodcanhelpensurethatyourcompanysurvivesandthrivesinthenewprivacyparadigm.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 18
SourceMedia,anObserverCapitalcompany,isaninnovative,growingdigitalbusinessinformationandperformancemediacompanyservingsenior-levelprofessionalsinthefinancial,technologyandhealthcaresectors.BrandsincludeAmericanBanker,PaymentsSource,TheBondBuyer,FinancialPlanning,AccountingToday,Mergers&Acquisitions,NationalMortgageNews,EmployeeBenefitNewsandHealthDataManagement.
WardPLLCoffersclientsexpertiseindatasecurity,informationmanagement,andprivacy,whileprovidinghighqualitylegalservices.LocatedinMiami,WardPLLCcombinesthescopeandexperienceofalargelawfirmwiththeenthusiasmandefficiencyofastartup.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 19
TheB2SMBInstituteisthefirstprofessionalorganizationfocusedonadvancingexcellenceinthebusiness-to-small-businessecosystem.
B2SMBleaders,practitioners,brandsandenterprisesrelyontheInstituteforcriticalmarketintelligenceresources,peer-to-peernetworking,best-practiceguidanceandspecializedskillsdevelopment.
TheB2SMBInstitutechampionssmall-business-centricthinkingandpractice,withafocusonhowtoreach,engage,win,keepandgrowSMBcustomers.
Ourmember-drivenorganizationservesasadynamic,dailydestinationtofind,meetandnetworkwithB2SMBdecision-makerswhosharecommonneeds,challengesandgoals.
Visithttps://b2smbi.com/fordetailsonresources,benefitsandmembershipopportunities.
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 20
Playbooks19istheB2SMBInstitute’snewestevent,featuringpeer-to-peerworkshopsonhowtosuccessfullywin,keepandgrowsmall-businesscustomers.
TheprogramwillfeatureleadersinB2SMBmarketing,sales,productdevelopment,customerservice,deliveryandmore,offeringB2SMBpractitionersacrashcourseindoingtheirjobsbetter.
LEARNMORE:https://b2smbi.com/playbooks19/
B2SMBPLAYBOOK:DataStrategy&PrivacyforB2SMBCompanies©2018B2SMBInstitute 21