Connect with us

Technology

GDPR Is Coming – And SA Firms Are Not Ready

SA SMEs face fines of up to R300m for poor customer data management processes under new EU law.

Tracy Bolton

Published

on

data protection

On 25 May this year, a new piece of legislation comes into effect in Europe that could have severe consequences for non-compliant South African businesses. The General Data Protection Regulation – or GDPR for short – is a regulation under European Union law that aims to give control over personal data back to EU citizens.

The regulation applies to any organisation that collects or processes data from EU citizens, even when that citizen or organisation is based outside the EU. The European Commission defines personal data as “any information relating to an individual, whether it relates to his or her private, professional or public life”. This includes names, home addresses, photos, email addresses, bank details, social media posts, medical information, or even a computer’s IP address.

The fines for non-compliance are severe and could spell the end of a business practically overnight: the maximum fine is as much as €20-million, or nearly R300-million. What’s more, the regulation is far-reaching: any company with an EU citizen among its workforce, or a customer based in the EU, or even if only one of the subscribers to a company newsletter is based in the EU, that company can be held liable under GDPR. Few if any mid-sized South African firms could afford such a steep sanction, and legacy issues compound problems around compliance, increasing their risk and potential liability.

Related: Are You Protecting Your Customer’s Data?

In response, local firms are taking unprecedented steps to ensure they and their customers remain within the confines of the new regulation, especially considering the volume of trade and collaboration between African countries and their European counterparts.

Legacy processes add complexity to compliance

Most mid-sized firms have deliberately or inadvertently built up internal siloes related to how customer, business and other operational data is stored. For example, in a typical retailer’s marketing department, the data storage systems that processes newsletter subscriptions via email may be entirely removed from and non-integrated to the WhatsApp number where much of the customer communication takes place.

This means a customer that unsubscribes to a newsletter via WhatsApp may still receive the newsletter until such a time as the retailer can integrate the two sets of data.

When GDPR comes into effect, companies will not only stand liable for fines should the above scenario play out, but they need to be able to provide customers with complete clarity on how their data is stored and managed at any point in time. Any costs incurred in the process of showing how customer data is stored is also for the company’s own account, which adds not only complexity to standard business processes but also potentially additional costs.

Considering the prevailing trust deficit between consumers and brands, the potential of being exposed for treating confidential customer data poorly is immense. Once trust is breached, affected customers are unlikely to engage with the brand again, and will leave a searchable and public trail of comments on social media for all to see. The recent case of Facebook – which now faces a fine of as much as $2-trillion – has brought this to the forefront of consumer consciousness, but other examples of poor customer data management abound. Closer to home, the leaking of 31 million records at the Master Deeds Office revealed the ID numbers, addresses and income estimates of millions of South Africa citizens.

On the basis of consent

For South African businesses, however, new technology tools could play an invaluable role in mitigating risks associated with GDPR and its South African counterpart, POPI. A recent investment by SAP into Consent is simplifying the business processes associates with creating trusted digital experiences within the limitations of GDPR and POPI compliance.

Part of the SAP Hybris suite of applications, Consent enables SMEs to centrally manage customer preferences and consent settings throughout their full lifecycle, while putting them in control of their own data. Consent enables companies to be transparent, gain loyal customers and protect their business from costly fines as well as potentially disruptive business processes related to proving to customers how their data is being stored and managed.

In line with modern business demands, Consent is also provided in the cloud, making it quick to implement and easy to prove ROI. Every time a policy changes, customers can receive an automated notification that they actively accept, with a record of such forms of consent stored centrally to allow SMEs to quickly and accurately prove responsible customer data management.

Whether you run an online retailer with customers around the world, or a news website where a European citizen may occasionally offer a comment on an article, GDPR holds inherent risks to your business. But with the correct technology tool, a potential R300m liability can be transformed into a competitive business advantage that furthers the cause of trusted and trustworthy digital customer experiences.

Related: Five Tips for Effective Marketing that Complies with the POPI Act

Here are five immediate steps South African companies can take to limit their GDPR risk:

  1. Educate staff: Make sure everyone in your company understands what GDPR and POPI means and what is recognised as personal information.
  2. Understand the current state: Ensure you understand what data is being stored – and where it is stored.
  3. Inspect the data: Get to grips with exactly what personal information is being stored where. Categorise data (for example names, email address, ID numbers) and delete data that is not needed.
  4. Implement processes: Put in processes and systems to handle all data, including acquiring, accessing, maintaining and disposing of information.
  5. Improve reporting: Regular audits will be needed to ensure the processes are being followed, and to know at all times where data is being stored, who has access to it, and how a potential breach of data will be handled.

Technology

AI Will Probably Be Running Your Business Better Than You In 2028

Many local businesses, especially SMEs, consider AI “Tomorrow’s problem.” Failure to prioritise its adoption, though, could hobble your organisation in an increasingly competitive, fast-moving and disrupted business environment.

Rob Lith

Published

on

artificial-intelligence

The average South African may be familiar with AI (artificial intelligence) via virtual assistants like Siri, but the technology – where algorithms are applied to data for findings that greatly improve decision-making, customer experiences and products – is already at play in business locally.

In the financial services sector, AI is assisting investment bankers in their product recommendations as it’s unaffected by human emotional bias and memory lapses. The same analysis could be used by a cellphone retailer to pinpoint the best offer for a customer by cross-referencing their profile with the business’s full catalogue. In both cases, AI is not making the final decision, but deepening the decision-making process.

From a telecommunications perspective, AI chatbots can summon credit scores instantly and enable real-time automated transcription of phone calls. In future, it will be possible to detect customer emotion through voice analysis – using Google Cloud Natural Language API, for example – and alert call centre agents.

AI has uses beyond customer-facing interactions too. For logistics companies it effortlessly optimises delivery routes, helping to save time and fuel spend.

The future of business requires a balance of proactivity and rapid reactivity. Without AI to enhance operations, an organisation runs the risk of becoming too slow – giving advantage to more agile competitors as greater efficiency becomes the customer expectation norm.

what-can-you-do-to-integrate-ai-into-your-organisation

What can you do to integrate AI into your organisation?

Use what’s available

You don’t need to reinvent the wheel. Amazon Web Services, Microsoft and Google have thousands of developers working on AI. You could invest in proprietary systems but there’s already a massive selection of micro services available from major providers and other developers. Leverage off them.

Even if you aren’t ready to fully embrace AI, any decisions you make now, especially around your CRM platform, should consider the ability to connect to AI services. A rigid standalone system will prevent you from taking advantage of AI functionality. And as each provider has specific strengths, your software should be able to integrate with multiple AI services.

Related: Can Computers Replace Human Accountants? We Doubt They Can

Embrace the cloud

AI and its companion process, machine learning, crunch massive amounts of data. Unless your organisation is well-resourced, you may not be able to store and process all this information. The vast majority of analytics-focused solutions are cloud-based, removing infrastructure burden from your shoulders. To take advantage of this, you’ll need a reliable high-speed internet connection to transmit information to and from providers.

Educate and equip your workforce

Given the claims that AI will cause job loss, it’s important to get staff accepting of AI. In some spheres, it’s likely employee numbers will increase to handle the greater number of enquiries made possible by AI. Even in industries like mining and automotive assembly – where the integration of robotics and AI seems more likely to cost jobs – new positions will appear, and coding will become essential. The best thing a company could do today, then, is to start educating and upskilling employees for an AI-enabled future.

In short, there’s no reason to be intimidated by AI. As its analytical capabilities becomes more sophisticated, it’s likely to become even more beneficial in business, evolving from a useful tool to a reliable partner, drawing without emotion on a wealth of information to advise, but always leaving the final decision to the business owner. Companies right now should turn to solution providers to bring this invaluable colleague on board before it’s too late to catch up.

Continue Reading

Company Posts

Protect Your Business – Let The Right MSP Manage IT Security For You

Don’t let IT Security add to your pressures — let the right MSP manage it for you and have peace of mind while protecting your bottom line.

Kaspersky Lab

Published

on

kaspersky-lab-online-security

With smaller teams, pressure always mounts and there is seldom enough time in one day to give all areas of a business the right focus. SME owners are required to appropriately apportion their time. Innovation and a commitment to growth are always priorities, along with the areas within a business that seek the most attention or ‘shout the loudest’ — but this should never shift the owner’s focus from the core principle of protecting their business.

IT security intimidations — malware, viruses and threats — are designed to go ‘under the radar’ and often don’t shout until it’s too late. Dispersed focus, along with a lack of appropriate resources has resulted in IT security within SMEs not getting the consideration it requires. However, considering the constant increase in the number of cyber-security incidents and the damage these cause — especially to reputation — a relaxed attitude towards IT security is no longer a viable option for any SME.

Related: A Cloud Is A Cloud, No Matter What Business You’re In, Right? Wrong!

Rectifying this doesn’t need to add more pressure to the list of priorities a SME owner manages. Rather, the situation calls for a reliable third-party investment to take care of the business’ IT security needs. Managed Service Providers (MSPs) offering security services that will adequately protect the business and take the worry of IT security on board could be that helping hand. But, outsourcing IT security components of the business requires investment into the right solutions as well as trust.

Therefore, SMEs should seek the services of providers that offer best-in-class, affordable, worry-free and integrated security solutions that pass on the right protection and benefits to their client’s business.

In 2017, Kaspersky Lab launched a specialised MSP partner programme to equip service providers with tools, training and expertise, to become a reliable partner for businesses, including SMEs. Given the success of the partner programme, Kaspersky Lab is constantly expanding its offering to MSPs, including solutions that fit the profile of what an SME needs to achieve effective protection.

Top benefits of outsourcing your IT security to a trusted MSP

  • Advice on your organisation’s current security posture, identifying gaps that need to be ‘plugged’
  • Access to IT security knowledge — MSPs take the worry out of IT security by offering solutions that best meet your IT security needs
  • Support for adequate protection against the myriad threats continually facing businesses. The right MSP knows how the cyber-threat landscape is evolving and keeps up to date with the latest threats, filtering this into your business operations for effective protection of your sensitive assets.

Related: Is Data Protection One Of Your Top Concerns? It Should Be

Kaspersky Lab not only supports the protection of SMEs through the solutions on offer, but it also aims to support and assist MSPs in growing their services to accommodate the needs of the SME market — ensuring all businesses can take the right steps towards effective IT security.

For more information on Kaspersky Lab solutions please visit: www.kaspersky.co.za

MSPs interested in joining Kaspersky Lab’s programme can visit: www.kaspersky.co.za/partners/managed-service-provider

Continue Reading

Technology

What’s The Best Products To Sell Online?

If you’re selling online or thinking of starting an online business then you’re probably wondering what’s the ultimate product for you to sell. Read on to find out how to pick a winning product…

Warrick Kernes

Published

on

best-products-to-sell-online

So I’m not talking about the top selling product of the year and if you were looking at that product then you’re probably too late anyway. What I am referring to here is the best suited product for you to sell online from an ease and profit point of view. Here are five key aspects to consider:

1. Product weight and size

Your courier fee is calculated on either the volumetric weight or the actual weight of the product – whichever is the larger number. A large box of feathers would be charged using the volumetric weight whereas a similar sized box of bricks would be charged on the actual weight. This means that large and heavy products attract higher shipping fees, which you or your customer need to cover.

Some couriers do ship bulky items at fair rates but your customer will need to compromise on having a slower delivery timeframe. Another factor to consider is that your warehousing fees will be significantly higher for bulky items. So your ideal product in this regard is a product which is small and lightweight.

Related: Watch List: 15 SA eCommerce Entrepreneurs Who Have Built Successful Online Businesses

2. The selling price

Products which sell for over R5 000 tend to require more customer engagement which results in time costs and a possible requirement for in-house product expertise. Products selling for lower than R500 can leave you with a profit margin which is not high enough to sustain the direct costs of completing the sale unless you are selling high volumes. Ideally your product will sell at a price point between R500 and R5 000.

3. Product support

Technical products attract a lot of pre-sales questions and also after-sales support. This means that you’ll need trained up team members permanently ready and available to help your customers. Having this in place is vital for ensuring great customer service but don’t forget about the time-cost of having your team members constantly engaging in pre and post sales support.

Be sure to also research the failure rate of potential products. Some of the best brands in the world still have an acceptable failure rate of 3%. The costs here include your time to arrange the replacement, courier fees to collect and re-deliver plus you might need to use your own inventory for the replacement until the supplier issues your replacement units.

The ideal product to find would have low or no technical support and a low return rate.

Related: 6 Steps To Building A Million-Dollar Ecommerce Site In 60 Days

4. Local regulations

Products that require local certification through regulatory bodies such as ICASA, NRCS and MCC could result in extra costs, administration and possible delays on launching your product in the market. Being aware of how these kind of regulations will impact your product in mind is vital when choosing your products to sell. Ideally if you can find a product that doesn’t require regulatory certification will be the easiest to bring to market.

5. High margins!

There is a perception that online retailers don’t need high margins because they have such low overheads. This can be true if you’re running a lean operation; however, if you sell products with less than 20% margin then you’re setting yourself up for a challenging operation. Higher margins can give you the cushioning for the mistakes of your learning curve. Once your business is running smoothly you’ll have more to reinvest and ultimately you’ll have a more successful business if you can find a product that sells well and has high profit margins.

Continue Reading
Advertisement

SPOTLIGHT

Advertisement

Recent Posts

Follow Us

Entrepreneur-Newsletters
*
We respect your privacy. 
* indicates required.
Advertisement

Trending