Data Privacy Plans: When Creating One, Remember to K.I.S.S.

May 12, 2021

Data are at the center of business today. No matter what industry you’re in, you collect, store and use data every day.
This information likely helps guide your decision-making process in several aspects — from purchasing to marketing to sales to hiring. Data you collect on your current customers, your prospective customers and your website visitors, for example, help you run highly-targeted and highly-effective marketing campaigns.

As data proliferation is now a well-known fact, more people are becoming concerned about using their data. This fear and concern have sparked new legislation that regulates what businesses can and cannot do with the personal information they collect.

Whether it’s the GDPR in Europe or the CCPA and CRPA in California, new privacy protection laws force businesses worldwide to change their practices to become compliant. It’s possible, maybe even likely, that additional states could follow California’s lead and pass privacy protection laws of their own. A federal law covering all of the United States is possible, too.

In response, companies have been rushing to create an all-encompassing privacy protection plan that ensures their compliance with California’s current laws and preps them for future regulation as well.

Of course, the challenge is these laws are complicated, and building a full data privacy plan can be just as involved. The general approach is to create a massive program that covers every possible angle.

But is that necessary? In reality, it’s not. Like many other things in life, it’s best to follow the principle of K.I.S.S. — Keep It Simple Stupid.

Your Plan Should Fit Your Company

The acronym is a funny way of reminding people not to make life too complicated, as many of us tend to do from time to time. It doesn’t mean you’re stupid, of course — far from it.
This saying is perfectly suited for companies that are building a data privacy plan. Another phrase comes to mind as well: Less is more.

Privacy is a complicated issue, but that doesn’t mean you need to build an incredibly complicated plan. Just because privacy laws are blanket regulations does not imply a one-size-fits-all approach is appropriate.

In most cases, such an approach is not only inappropriate, it’s onerous, costly and unnecessarily time-consuming. A better approach is to build a privacy plan that fits your company’s risk.
That’s what we do at Compliance and Privacy Partners. We don’t let the regulators lead us. We help companies build a privacy project that is proportionate to their risk.

Doing anything above and beyond that doesn’t provide extra protection. It only complicates the compliance burden. Data privacy shouldn’t be about building levels of bureaucracy that rival that of the government. It should be about building simple, effective and appropriate solutions to well-intended protections.

There are Opportunities Where Gaps Exist

John F. Kennedy once said: “The Chinese use two brush strokes to write the word ‘crisis. One brush stroke stands for danger; the other for opportunity. In a crisis, be aware of the danger — but recognize the opportunity.”

That quote summarizes one of our three pillars to digital strategy consulting: Where gaps exist, so, too, do opportunities.

Many companies approach data privacy compliance as an arduous task they have to undertake. They seek to protect themselves from the regulatory authorities to fill the gaps in their current policies to keep them compliant.

That line of thinking is short-sighted, though. Companies that can understand there are opportunities to be had in this process are the ones who are going to separate themselves from the competition.

Instead of merely creating a data privacy plan that will abide by laws, why not use it as a way to connect with your current and prospective customers? Why not use it as a way to be a leader in your industry?

It’s amazing what opportunities you can find when you approach mundane tasks with an open mind. CAPP can help you do just that as you build your data privacy plan.

Relationships are What Matter Most

It’s essential to keep in mind that people are at the heart of your data privacy plan through it all. It’s not just the consumers whose data you are protecting but also your employees and business partners.

People are who are going to make your data privacy plan effective. Your customers have to believe that you are treating their data with care and are being responsible.

Your employees need to help you communicate this message and to execute the plan from the inside out. And business partners will serve an essential role in protecting this data exchanged between the two.

We Do More for Our Clients

We have busy enough lives as it is. There’s no need to make things more complicated than they have to be — even when we’re talking about something as crucial as data privacy compliance.
Privacy is a core value of ours at CAPP, and we can help make it one of yours, too. By working closely with your legal, HR, compliance and IT teams, we help you build a solution that matches your potential risk.

We not only build you a program that works today but anticipates what’s to come in the ever-changing world of data privacy, data security and regulation. Through it all, we help you see that compliance isn’t a burden but rather an opportunity.

Contact CAPP today to find out how we can guide you through the process of data privacy.