Consequences of not being GDPR compliant

GDPR is due to be implemented on May 25th, 2018 and the regulation places important new obligations on any business that handles the data of individuals living in the EU, independent of where the business is located. GDPR gives individuals more say over what organizations can do with their data, with strict fines for non-compliance and breaches. With new obligations on such matters as data subject consent, data anonymization, breach notification, trans-border data transfers, and appointment of data protection officers to name a few, the GDPR requires companies handling EU citizens’ data to undertake major operational reform.

Penalties for non-compliance of GDPR will be applicable to both data controllers and processors and will depend on certain factors, including:

  • Duration of the infringement
  • The quantity of the data subjects affected
  • Level of impact

For serious violation of the regulations, penalties businesses could be fined up to 20 million euros or 4% of global turnover, whichever is higher. Other fines carry penalties up to €10M or up to 2% of the total global revenue of the preceding year, whichever is greater. These punishments show it is important that compliance is met and GDPR is not ignored.

GDPR compliance is not just about fines or punishments, the risk of non-compliance can be extremely expensive in other ways. According to recent research, cyber-attacks can cost businesses anywhere from $14.00 to $2.35million per incident and data breaches and attacks are growing all the time. Therefore, the cost of an attack on an organization can have a significant impact. Lastly, there is the cost of the brand and reputational damage post attack.

GDPR
Consequences of non compliance of GDPR

GDPR Implementation – 10 Step Action Plan

The European Union’s General Data Protection Regulation (GDPR) which comes into effect from May 25th, 2018 represents sweeping new legislation designed to protect data rights of EU residents. It affects every organization that interacts with an EU resident in any waywherever that organization may be. Fines for failure to be GDPR compliant can be severe: 20 million euros or up to 4 percent of global revenues, whichever is greater.

While some organizations have already implemented processes and software and appointed DPOs to take care of their GDPR compliance, many organizations are still finding their way. Marketers, in particular, need to educate themselves on GDPR and take action to ensure they’re compliant in the ways they collect, manage,  process and share information.

While every organization needs proper consultation and legal advice on being GDPR compliant, here are 10 things to do and consider as a framework for GDPR compliance to give you a head start on your own efforts, or to compare to the work you’ve already undertaken:

(1) Raise awareness and create alignment, educate all the company stakeholders so that they can anticipate the impact and potential risks of GDPR

(2) Map your information and perform a detailed data audit. In particular, you need to have answers to the following basic questions about your data:

  • Who are our data subjects? Who has access to sensitive data?
  • Where do we keep their personal data? Where do we transfer personal data to?
  • Why is personal data under our control (for what legitimate purpose)? Why do we share it with third parties? Do third parties share it with other entities? If so, who, how many and to what purpose?
  • When are we keeping personal data until? When do we share personal data with others?
  • What mechanisms do we have in place to safeguard personal data?
  • How is data being processed? How long should it be kept?

(3) Do a full review of current privacy notices and ensure that these will align with requirements under GDPR before it takes effect. At the minimum, the following points should be covered:

  • The identity of the controller and of the data protection officer.
  • Conservation period (how long data will be kept).
  • The right of access, rectification, restriction, and objection.
  • Right to lodge a complaint.
  • Recipients and transfers of data.
  • State the right to withdraw consent at any time.
  • Explain the legitimate interest of the controller or of a third party (if relevant) in the collection of the data.

(4) For being GDPR compliant, organizations must be able to demonstrate that they can respond to a data subject’s personal data request, and generally, this must be done within 30 days.

(5) Perform a Privacy Impact Assessment (PIA) – review your data processing activities and identify and document the legal basis for each type ensuring that no personal data is collected beyond the minimum necessary for each specific purpose of the processing.

(6) Manage consent of data subjects and ensure that consent is sought, obtained and recorded according to new guidelines, and that you are able to respond to inquiries regarding consent.

(7) Ensure data security and implement a process to report data breaches by providing a mechanism(s) to pseudonymize, encrypt or otherwise secure personal data

(8) Privacy by design and default clause of GDPR compliance requires that all consumer interactions and touch points have privacy designed right into them and that their default mode is one of compliance. To implement this clause, plan, design and perform your data processing activities where by default, only personal data which is necessary for each specific purpose of the processing should be processed

(9) Appoint a Data Protection Officer (DPO) providing him/her with tools to maintain audit trails of processing activities to demonstrate accountability and compliance, liaise and assist supervisory authorities and monitor compliance with data protection laws

(10) Ensure that the data you’re collecting can be easily transferred or given back to consumers whenever they ask for it in a format that can easily be transferred to another data controller (this is known as “data portability”).

Where to start?

While all of the above-mentioned points are critical, if you want to kickstart your efforts, a good place to start is with information mapping and a data audit (#2 above). Not only will this help with GDPR compliance, it will also enable you to better understand your customers and make smarter choices when planning and allocating your 2018 budgets.

Technology has an important role to play as well in your endeavor to be GDPR compliant. Implement a tool like LuitBiz that has built-in GDPR compliance rules to manage all your data and documents using just one integrated and easy to use cloud-based software. This will help your organization not just compliant with GDPR but also better positioned to personalize your marketing activities for better ROI.

What is Document Management & how does it benefit your organization?

“Document Management System”, as the name implies, is a software system that helps organizations store, retrieve, index, publish and manage their documents electronically and streamline document approval processes. For many organizations, this process is amazingly time-consuming and too often ignored. However, the sheer volume of documents that an organization has to deal with makes a document management system useful and in some cases even mandatory for increasing efficiency and productivity as well as for saving time and paper.

Usually, a document management system includes the following functionalities:

  • Document storage
  • Version Control
  • Document Metadata
  • Document Indexing
  • Document search & retrieval
  • Administration & Security
  • Document Approvals
  • Document Collaboration

Beyond these, a document management system may include a whole host of possible features, including workflow modules, multiple file format support, mobile support, document email, customizable functionalities, etc. The price of a document management system varies accordingly and solutions should be carefully matched to organizational requirements.

Compared to non-electronic systems, document management systems offer reduced operational costs, improved efficiency and speed of retrieval, improved consistency, and more safety (both in terms of file backups and security measures). There are hundreds of systems out there, each with their own strengths and weaknesses. The points to consider are: purchasing/set up costs, types of features, training, upkeep, ease of use etc. Be sure to assess each one in light of your specific needs and your organizational processes.

With an electronic document management system, you no longer will have the insecurity of losing documents because they are all in one secure central electronic repository. You will also not be wasting time like the olden days when multiple people used to retrieve documents from various locations and multiple file cabinets. With online document management, the documents are immediately retrieved by the person looking for information. This not only makes them more productive for that one task, it shifts the focus from the document retrieval to solving the original issue.

CRM Software India

Why is a CRM System Required?

CRM Software Systems are very essential for Success as well as General Day to Day Management of any company. Keeping proper records required and having a system in place for Customer Relationship Management increases not only sales, performance and profits of a company but also image and goodwill of a company in the eyes of customers as well as general public.

The Size of the Indian CRM Market

The Customer Relationship Management (CRM) software market in India is on a clear growth path. The purpose of business is to create and keep a customer – and every executive understands the truth of these words. Today, when businesses are scrambling to get customers, the importance of Customer Relationship Management cannot be ignored. That’s why analysts, vendors, and solution providers remain bullish about the growth of CRM software solutions in India.

Analysts have consistently referenced double digit growth figures since 2000 and continue to forecast CRM growth in India at increasing rates. According to Gartner, the Indian CRM market size is about 15% of the overall Asia Pacific (APAC) market, the second largest in the region, after Australia. Between 2009 and 2014, CRM in India is projected to grow at a compound annual growth rate (CAGR) of 16% to 19%.

The Requirement of the Indian Market

There are several CRM software options available in the Indian market. You will get easily on the Google but while choosing the system, you should choose “All in One CRM” or “Integrated CRM” so that it manages your complete customer processes. Integrated CRM software not only records your customers’ contact information but also remembers the details of your relationship and every interaction with your customer. That information is a gold mine of opportunity, allowing you to identify prospects for up- or cross-sell your products and services, target new marketing, or even track invoices. In India, employees generally use a spreadsheet to pass on information about past sales or share email threads that show a customer has been a loyal patron. But such information is often left to casual word of mouth, which means it’s often missing when needed or entirely forgotten. An integrated CRM software keeps this information in one place, efficiently organizes it, and makes it possible to take immediate action upon, such as sending a loyal customer a gift card on their birthday or offering an up-sell opportunity to a platform from which you know their business can benefit (based on previous conversations). The key is to select the software that’s right for the way your team works. The last thing you want is to see employees struggling to use the new software instead of interacting with the customer.

Another important aspect that needs to be kept in mind as far as software in India is concerned is that the Indian society is very particular about “personal touch”. Once you are able to win a customer’s heart, he will let his purse strings lose. Choosing the right CRM can help a lot in this regard. CRM isn’t just about tracking and maintaining contact information. While most look at CRM software as primarily a sales tool, it’s moved beyond that space. Marketing and customer service departments can dramatically improve their offerings and operations with CRM as well by using its data to more effectively segment demographics, and record and reuse customer incident information. CRM software also helps coordinate interdepartmental actions. For example, the sales team can take advantage of something a customer service representative discovered in a separate transaction. Depending upon the software you choose, you can set and measure sales goals, plan marketing campaigns, or keep an eye on what people are saying on social media. These actions will get you closer to your customer’s heart by providing a personal touch.

Last, but not the least, the use of mobile devices is on the rise in India. By end of 2017, India will have more than 500 million mobile users. In this case, the most important requirement for you to choose a CRM system in India is that the software should be compliant with mobile devices. This will help your sales and support people provide better support and close more sales even though they are on the move.

So, to sum up, the market requirement of CRM software in India are:

  • An integrated CRM with sales, marketing, contact and support modules
  • Easy to use with a very low learning curve
  • Should be accessible from mobile devices
  • Competitively priced

The Solution – LuitBiz CRM

Choosing the right CRM software for your business can dramatically improve your team’s collaboration and productivity, increase sales, and even heighten customer satisfaction. LuitBiz CRM is the right software for the Indian market as it fits the requirements of the market completely because:

  • It is an integrated CRM software with Marketing, Sales, Contacts, Support and Customer Portal module that gives a complete 360-degree view of all your customer processes
  • LuitBiz CRM is extremely easy to use. It has audio guides on each screen and you can get started within minutes of signing up
  • LuitBiz CRM is completely responsive and can be accessed from any devices connected to the Internet, anytime, anywhere. There is no need to download any mobile apps or desktop clients to access LuitBiz CRM
  • LuitBiz CRM supports multiple company locations – you can move from one company location to another with just one click and only the people who have access to a certain location can view the data of that location.
  • LuitBiz CRM is very competitively priced.

Using LuitBiz CRM Indian companies can formulate and direct their strategies, to make each decision with more intelligence and get a greater ROI in the long run. For more information on LuitBiz CRM visit http://bit.ly/1NcF0jN

Best practises for SMBs for adopting cloud based services

Any SMB considering a move to the cloud must understand that the perceived benefits can be short-lived without a plan that places cloud computing in the context of its overall business strategy and affects security, performance, and connectivity.

With cloud based software increasingly freed from ongoing infrastructure management to focus on new areas for innovation, business integration demands simplification. With this in mind, let’s look more closely at how SMBs should prepare themselves before adopting the cloud.

Best Practice #1: Create a strategy and a set of (realistic) goals upfront

SMBs are jumping in without articulating a long-term cloud strategy and how it relates to their overall business. As with any project SMBs need to establish realistic goals and priorities, a clear budget and deadline, as well as a shared understanding of what resources are available for implementation and maintenance. Although cloud computing promises significant ROI – productivity gains of 50% or more – keeping complexity and cost to a minimum requires planning and strategy. Start with a high-value, tactical problem that can be solved with a public cloud and use the project as a way to prove initial value

Best Practice #2: Learn from the mistakes of those who came before you

Early adopters took a standalone approach to cloud computing. The services were readily available, easy to consume, and economical. Implementation challenges were few. However the “detached” cloud might deliver only short-term value and potentially require future re-implementation or migration. Although a standalone approach risks creating silos of applications, an integrated cloud strategy will deliver long-term results to your business.

Best Practice #3: Avoid upfront costs

One reason SMBs turn to cloud computing and software-as-a-service (SaaS) is to mitigate risk. With a pay-as-you-go model, you can simply turn the system off if it is not working for you, and you only pay for what you use. Be sure not to jeopardize return on investment with expensive software licenses – your integrated solution, like every other part of your cloud computing investment, should use a flexible subscription model, too.

Best Practice #4: Get serious about security

Most of those in IT won’t dig your initial movement to cloud computing, and they’ll spout the usual concerns around security. It’s best to take this off the table as an install issue by providing a formal plan and technology solution. In this plan, make sure to include security testing and validation, which should put most fears to rest and move you to a much more secure final solution. Keep in mind that as enterprises move more processes to the cloud, the volume of sensitive data flowing to and from the cloud increases.

Best Practice #5: Include as many people as you can in the review process

Many cloud projects operate like they are secret projects in SMBs. However, the best approach is to include as many people as you can in the process of defining, designing, and deploying your first cloud computing project. As they walk through the progress of the project – perhaps in monthly review sessions and demonstrations – they’ll learn about the concepts and the technology, and the fear level will quickly fall.

Current economic conditions are driving SMBs toward cloud computing, and with good reason. No one can argue that the cloud doesn’t deliver value. It is already proven to be a disruptive force.  SMBs that follow these five practices are the ones that prevail in their move to the cloud. It’s not an all-encompassing list, but it’s a good guide toward your own success.

3 Reasons Every SMB Should Be Using SaaS

Starting and running a small business has never been easy. Geographic isolation, limited resources and not being able to access best practices have always been some of the hurdles faced by SMBs. These historic challenges can be tackled in new and better ways.  SaaS is the key to overcoming many of these traditional disadvantages and is the key to the SMB sector taking advantage of the digital revolution. There is a huge market demand in providing software to the SMB sector.

SaaS completely changes the rules of the business IT game. No matter how big or small your business is or where you are in the world, SaaS allows you to compete, grow and innovate with the best. Three big reasons why SMBs worldwide should consider using SaaS business software are:

  1. Any company can now base their business on best in class software: For a few dollars a month any business located anywhere in the world can have access to the best-in-class business software available globally. These include CRM, sales force automation, HRMS, accounting, document management, etc. These services that have been traditionally available only to enterprises are now made available via SaaS to SMBs using which they can streamline their business processes to increase efficiency and gain more profits.
  2. Reaching bigger or more distant markets used to be about financial muscle and shoe leather: The whole process of inbound marketing – search engine optimisation, social media, pay per click, etc is now available at the touch of a smart phone screen via SaaS. Customers today actually prefer this type of selling. The days of the high paid salesman and the multimillion dollar marketing campaign are fading. Everyone can be a global player. SMBs have never had a better opportunity for growth.
  3. The emergence of shared and integrated IT elements: One key feature is the emergence of shared IT elements. The cloud is an obvious starter. APIs, interdependent software and data applications and common software components link many SaaS applications. Not only can a SMB afford the world’s best software, but it can be integrated and work as one, almost without effort. Communication and collaboration are becoming essential to business success. Additionally the emergence of integrated business software targeted towards SMBs is a big boon to this sector. SMBs can just subscribe to one software that inter-relates all their business processes seamlessly and manage their entire business from their smart phones from anywhere in the world.

One concern remains. Businesses owners do have tough and busy lives. For many, their business is their life. Finding the time to take advantage of the SaaS opportunity is not simple. Awareness is a real issue. Luckily the SaaS model can also help here. SaaS is a short term, pay as you go model. There is no capital cost and there need not be a long term contractual commitment. Most SaaS companies offer a free trial of 14-30 days. So you may be able to test what works for no cost at all. This means you don’t have to do everything at once. Instead think of a different approach. Write down your 3 biggest business problems. Do a quick Google search and find the SaaS products that might help. Pick one and give it a try.

You will need to make changes to take advantage of SaaS. These can be incremental and low or zero cost. The rewards can be great. Because there is little commitment, you can ditch things that don’t work. There is a whole world of digital opportunity out there for SMBs. Get out and give it a try.