GDPR is fast approaching and will impact how you manage the data your organisation holds and the way you communicate with contacts. In our previous blogs we discussed the 6 requirements of GDPR and the 8 principles driving the changes but what does GDPR mean for your CRM system?
GDPR puts more emphasis on having a great CRM solution. As part of GDPR you need a single source of truth on personal data. For most organisations, this is its CRM system. The best approach is normally to build out the data in your CRM and ensure its compliance.
The impact on marketing strategy will vary depending on whether you target businesses or consumers. For organisations targeting businesses, as long as you are promoting a product that might be relevant to your target organisation, you are allowed to reach out to relevant people at that organisation. You do need to provide them with the ability to opt out of every communication but you are still allowed to prospect. For consumers you now need them to opt in to communications and may even need to go back and revisit the historic opt in consent you have been relying on.
Features of a CRM that will support GDPR compliance:
- All interactions with each contact should be tracked within the system and presented in one place as a 360-degree view. This can be extended to track other information that might be specific to your organisation. Being able to view all your data in a contact-centric way simplifies the task of servicing requests for information in a timely manner.
- Contact Preferences –Each person’s contact preferences needs to be set according to their wishes. These settings should be enforced by the system ensuring no one in your organisation contacts people they shouldn’t, or in way that they don’t want.
- Unsubscribe – You need the ability to capture marketing opt outs at the source rather than relying on a manual process to update your contacts, as with an external email/marketing tool.
- Data Expiry – To automatically delete data when its expiry data is reached, or if you prefer, sends a notification email to your data controller; whatever is required to support your data management processes.
- Role based security – The security framework should allow you to control exactly what a user in your organisation can do in the system and what sections of your data they should have access to view or update. This level of control can normally be applied right down to individual fields on a record. Additional access can be granted to an individual user or team on an ad-hoc basis if required of flexibility
- Auditing – It should track who is accessing your system, what changes are made to your data and exactly when those changes were made. This type of data can be useful when identifying the exact timeline and source of any breaches.
- UK based cloud storage – With GDPR your data needs to stay in the UK with many software providers offering regional storage.
Dynamics 365 For Sales
Dynamics 365 for Sales is Microsoft’s leading CRM solutions. Microsoft have been working hard over the past months to enhance a number of security and access features to create a platform that provides a great foundation for GDPR compliance. Dynamics 365 for Sales can be used for more than just customer and prospect information it is designed to manage all of your stakeholders including; partners, suppliers, media and others. Dynamics 365 for Sales provides capability that meets the 7 requirements named above, it is a cloud based system that provides you with a flexible and secure CRM.
Having a strong CRM that is set up correctly is a great first step towards GDPR compliance. Following this with a process review to understand how data travels throughout your organisation is key to ensuring compliance