3 things you're probably doing wrong in your GDPR project (and what to do instead)
These days, GDPR projects and software implementations that are delayed or off track are like giant change management puzzles I get to put together.
Lack of resources is always the biggest piece missing.
There are 94 days until GDPR takes effect, so if I were you I would eliminate these 3 resource-wasters:
Tip #1 Stop information cascades as your primary communication channel (or stressing about not having one)
Tip #2 Stop looking at your change and communication plan (or stressing about not having one)
Tip #3 Stop having your GDPR team in charge
I don’t know the details of your exact situation, but I will say this:
If you are like most of my clients you are probably feeling stressed, worrying whether you can stay GDPR compliant after 25 May – and you really don’t want to waste any resources doing unnecessary activities.
There are 94 days left until GDPR takes effect, and if you need your business to become and stay GDPR compliant, a simple, efficient and iterative approach to communication and process change management will drive more positive results for your business.
Unfortunately, most activities that fall under the category of ‘communication and change management’ has a bad reputation when it comes to simple and efficient. Some people get lost in visions and strategies when deciding on which activities to do. Or worse, they focus their activities on long term goals that doesn’t persuade any important stakeholders to engage in them right now.
But don’t worry. It is easier than it sounds to get it right. Right now.
I’ve developed a specialty as change manager on software and process change implementations (MS Dynamics and GDPR in particular), so I want to give you 3 quick tips that can improve how you spend your employees’ time in these days where the main argument for not getting something done, is the lack of resources to do it.
Tip #1 Stop using information cascades as your primary communication channel (or stressing about not using it)
No one in your company has the time or attention to read through a boring text from a sender they have no real relations with. Instead use personal relations as your primary communication channel and use visuals to substitute the typical 'email from the CEO' general messages (yes, visuals).
Tip #2 Stop looking at your change and communication plan (or stressing about not having one)
94 days means it is time to get hands on and pave the road as you walk on it. This only becomes more relevant if you don’t have a previous plan lying somewhere on your desktop. Instead get hands on; follow up on that question, give that tip to your colleague you think he/she might need, send that manager on leadership training, give that sparring to your peer, use that material the individual departments has already made (this is a critical one!), make that communication, take that walk around to check in on your stakeholders, arrange that meeting etc.
By the way, if you want your employees to make a quick check on how well they understand GDPR, have them take this test CIMA has created, you will be surprised about the results (probably not positively though, sorry): www.cima.dk/pdf
Tip #3 Stop having your GDPR team in charge
Compliance does not happen in the GDPR team. Instead it happens in the specific process with the specific employee carrying out the process. If you want to stay compliant after 25 May (which you do), moving responsibility and ownership away from your GDPR team and out into your business’ managers and employees will prove to be one of your best time investments during the next 94 days and those that follow.
In a relentless DIY culture we sometimes forget the cost of going at it alone, when teaming up with a professional for help and guidance could actually in the end, save us not only time and therefore money, but also enormous amounts of efforts and stress.
If you recognize a need for external help feel free to approach me at [email protected] or give me a call, my network got you covered.