ArticleBest PracticesAugust 3, 2018
How To Manage GDPR Compliance Using Technology Image

How To Manage GDPR Compliance Using Technology

GDPR-mageddon is behind us, but it's still an ongoing challenge for IT teams at global companies to manage all the different security and privacy standards for each of their customers and stakeholders.

As we transition from implementation mode to operational mode with the European Union's General Data Protection Regulation (GDPR), the question of how to manage the day-to-day tasks is critical. Our approach has been to leverage existing tools wherever possible. So for instance, we manage the workflow for privacy requests using our standard ticketing system, simply adding some new categories and workflow rules as needed. Of course, we use Gainsight for most customer-focused activities, so it was natural for us to leverage the Gainsight platform to help us manage the Data Privacy Agreement (DPA) process.

I wanted to give you a good framework for a technology process to help you with GDPR or really any data security compliance problem. But I also want to showcase the possibilities for IT teams who have a really flexible platform in their toolbox. We were able to manage GDPR implementation in three simple steps inside Gainsight.

Managing the DPA Process

The DPA is a Data Privacy Agreement that we have to have signed by our vendors (if they are custodians of any customer data) and customers (if they have any EU citizens/residents in their customer data). The challenge was that we needed to email out the agreement to hundreds of customers, then track their status (Is the DPA sent, in progress, or signed). By employing the Gainsight platform we are able to easily manage the process in a way that provides visibility to everyone who engages with the customer as to their DPA status.

1. Automated Outreach

First, we used Journey Orchestrator to automate sending emails to our customers. This was great because it not only handled the mechanics of bulk mailing but provided detailed metrics about which emails were opened, responded to, or bounced.
GDPR JOscreenshot gainsight jbcxm.na78.visual.force .com 2018.08.02 16 02 14

2. Security Dashboards

Since this is all in Gainsight it’s easy to create dashboards to help the Privacy team manage the process from email to completion.screenshot gainsight jbcxm.na78.visual.force .com 2018.08.02 16 01 12

GDPR pie 1

GDPR pie 2

3. Capture Status

Then once the DPA is signed by the customer, we capture the date in Gainsight on the customer object so everyone who works with the customer can see their status.

screenshot gainsight jbcxm.na78.visual.force .com 2018.08.02 15 58 33

Flexibility Enables Innovation

By using Gainsight we made it easier to implement GDPR and also live with it on an ongoing basis. But what's so cool about this process (especially from an IT perspective) is how we used our existing Gainsight platform beyond a “traditional” Customer Success Management use case.

As an IT leader, I can't tell you how excited I am to adapt tools we already have and use to solve new problems as they come up. If you're trying to address a customer-related need, it’s good to consider Gainsight as a possible place to do it. With workflows, dashboards, and an adaptable rules engine, the only limit is your imagination!

If you're an IT leader, I'd love to connect with you to find out how you're managing Customer Success challenges. Please leave a comment below and I'll get in touch with you!

Picture of Karl Mosgofian
Karl Mosgofian Chief Information Officer

Leave a reply

Your email address will not be published. Required fields are marked *

Shares