We’ve all been in this situation before. You unexpectedly run into a colleague when you’re out to dinner somewhere. You recognize his face, you know what company he works for, you may even recall a conversation you had about his kid’s soccer team, but for the life of you, you cannot remember his name. Maybe you’re able to play it off so that no one is the wiser, or maybe, in the ensuing conversation, you casually admit, “I know YOU. I just can’t remember your name.” It’s a little bit embarrassing, but it happens all the time, right?
Now let’s apply a similar situation to the realm of entity management. Your organization likely has thousands of contacts to keep track of on a daily basis: employees, board members, customers, vendors, service providers and prospects. In all likelihood, personal information from most of these contacts is registered in a number of different databases scattered across your organization. But what happens when that information changes? Changes in one database do not necessarily register throughout the organization, as many of these databases are often siloed.
The result can be more serious than just a case of stumbling over someone’s name. Using incorrect contact info can be a sure way to sour the tone of a sales call. Further, you might be wasting time and resources trying to send information to a contact who has moved on to another company or into another role.
Current Contact Databases Make the Difference for Compliance Initiatives
As if you needed one more reason to maintain a current contact database, let’s look at the issue of compliance. Many compliance initiatives require up-to-date rosters, including current contact information, for board members, stakeholders, customers or vendors. For example, the UK’s Persons with Significant Control Register (PSC) requires complete, current contact information for any stakeholder who wields considerable influence over a UK company. Authorities use this information to trace company ownership and influence in an attempt to combat corruption, money-laundering and the funding of terrorist activity.
Two other regulatory measures have lately been in the news, reflecting the public’s increased awareness of their need for data privacy: the EU’s General Data Protection Regulation (GDPR) and its American cousin, California’s Consumer Privacy Act (CCPA). Both of these regulations require companies to manage and secure current contact databases in order to meet compliance obligations.
GDPR Requires You to “Show What You Know”
Specifically, the GDPR regulates the ways in which companies collect, use, maintain and distribute the personal data of all EU citizens. Under its purview, “personal data” has expanded to mean more than just basic contact information. It now includes any and all data that can be linked to an individual, such as:
- Name, address or ID numbers
- Web data, such as location, IP address, cookie data and RFID tags
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinion data
- Sexual orientation
One of the challenges of GDPR compliance is that companies need to demonstrate their ability to report individualized customer data on request. GDPR mandates make it possible for an individual customer to contact an organization and ask for all data pertaining to their identity held by the company. What’s more, if they so choose, the company can demand that the company delete that data, exercising what has been called the “Right to Erasure” or “Right to Be Forgotten.”
Companies without complete, comprehensive customer databases will find it nigh impossible to comply with such requests. Over the past few years, we’ve seen the panic as organizations scrambled to comply with GDPR obligations, and recently, we’ve seen fallout from such companies as Facebook, whose inability to secure the personal data of its EU users has caused it to be liable for millions of dollars in reparations.
CCPA Follows in GDPR’s Wake
Like the GDPR, California’s new legislation, set to go into effect in 2020, is concerned with privacy rights as they relate to consumer data. These regulations apply to for-profit entities doing business in California that meet one of the following conditions:
- Gross revenue of more than $25 million
- Receives or shares personal information for more than 50,000 ‘consumers, households or devices’
- Receives more than 50 percent of its total revenue from the sale of personal information
As in the case for the European regulations, one of the biggest concerns for companies preparing for CCPA compliance has to do with the management of their customer contact databases. The CCPA mirrors the GDPR’s requirement for transparent data collection and storage by establishing a customer’s “Right to Access.” This gives California residents the ability to request and access “specific pieces” of personal information a business has collected on an individual, as well as indications of the categories of personal information collected, the purpose for the collection, and the categories of entities to which the personal information was either sold or disclosed for a business purpose.
The CCPA also establishes the ”Right to Erasure,” which allows customers to demand that companies and their vendors delete their personal information. Although there are some exemptions surrounding what the company might keep, it remains clear that to comply with such requests, companies need to be sure that their customer and contact databases are complete and current.
Entity Management Software Can Help
Perhaps you know your contact databases are a mess, and by now, you might be hanging your head in dismay. Well, buck up. There is hope for you yet. Entity management technology can help tame your unruly, siloed databases. Its data management platforms can help you create complete, accurate rosters and a single, reliable source of corporate information. What’s even better, these databases are easy to maintain and to update. A change registered in one unit can be broadcast across the organization with just a few simple keystrokes.
For more information on how entity management technology can help you maintain your personal information databases, get in touch with a Blueprint representative today.