With the recent passing of the anniversary of implementation of the EU’s General Data Protection Regulation (GDPR) on May 25 (bon anniversaire!!), many organizations impacted by the sweeping data privacy law are no doubt taking stock of the work they’ve done (or still have yet to do) to overhaul internal data management, allocate IT security resources and update documentation with data processing vendors.
Perhaps more than anything for those organizations affected, GDPR has redefined our overall thinking around what constitutes personal data and the individual rights assigned to a person’s data when we touch it.
GDPR applies to personal data of individuals resident in the EU. Now, with the enactment of the California Consumer Privacy Act, or CCPA, as it has become known, GDPR-level data privacy regulations have arrived in the United States, taking effect January 1, 2020. Meanwhile, Washington, Hawaii, New Jersey, New Mexico, New York, North Dakota, Rhode Island and Utah are all considering CCPA-like bills. In the wake of the Facebook testimony to Congress on the Cambridge Analytica data scandal, a federal privacy bill looms imminent.
Organizations that have had to prepare for GDPR compliance will be better positioned for CCPA and its analogues in other states than those that haven’t. For investment management institutions, or the strategy or consulting firms who often advise them, interactions with expert network firms may be a secondary consideration above addressing GDPR compliance for their employee, customer and marketing data. However, during the second year of life-after-GDPR regulators will expect impacted organizations to be embedding privacy deeper into their business, including relationships with service providers. Improved management of expert network interactions, in a way that also offers solutions for compliance with GDPR-like data privacy regulations, is certainly on the radar-screen for most investment management and consulting firms.
Coleman Research is helping its clients address these issues through the release of its SaaS technology offering, Coleman Exchange. We are excited about Coleman’s new software solutions that are hitting the market in 2019 and believe they will allow a range of types of institutions to better manage interactions with third party research providers and industry contacts in a way that meets the rising tide of data privacy regulation in the U.S. and the EU!