PerformanceININside Performance Marketing
JOIN THE PERFORMANCEIN Join the PerformanceIN Partner Network
GDPR Training: Why Are So Many Businesses Still Not Delivering It?

GDPR Training: Why Are So Many Businesses Still Not Delivering It?

PerformanceIN

One in five marketers feel they have not received enough training to comply with the GDPR. Rachel Whitter, Head of Learning Solutions at the Institute of Data & Marketing, discusses why GDPR training for marketers must be ongoing, practical and relevant to their role.

Over the past few years, the majority of data and marketing professionals have been given some form of GDPR training.

Generic training would typically go into depth about how European data privacy laws have changed, what the key terms and main principles of the GDPR are, and help businesses to understand the consequences of non-compliance.

The consequences of non-compliance have been well publicised by the media in a series of high profile investigations by the Information Commissioner’s Office (ICO), ultimately leading to punitive sanctions imposed against unlawful organisations.

There have also been cases of data breaches within organisations where staff were not effectively trained in how to manage customers’ sensitive information and maintain the necessary safeguards to protect it. Once again, this has led to investigations by the ICO.

Earlier this year, the hotel chain Marriott was fined for more than £99 million under the GDPR; British Airways were issued a fine of £183.39m. Highlighting just how much importance the regulator places on the security of customers' data and how seriously businesses should take this issue.

The costs to a business extend far beyond just fines, there can even be long-term effects on customer trust, share price and public perception that could have more lasting damage.

Such significant deterrents should be enough for organisations to understand how important compliance is and the role all staff have to play in achieving it.

Staff training isn’t a priority for many businesses 

Providing training and guidance to all staff should, therefore, be a clear priority for all businesses.

However, recent research has revealed a number of alarming findings that would suggest otherwise in many cases.

  • One in five (21%) marketers feel they have not received enough training to comply with the GDPR
  • 18% of marketers say the GDPR expert they were trained with didn’t have the right experience in marketing
  • One in 10 (9%) state that their training hasn’t been practical enough to date
  • A fifth of marketers (20%) say their organisations are not implementing ongoing GDPR training plans

These stats all paint quite a concerning picture of some businesses neglecting their duty to equip marketers with the skills they need.

Leading up to the GDPR’s enforcement date, the DMA authored articles highlighting best practice and published guidance to help marketers understand their role, but this should only be used as a guide and as additional reading to supplement practical learning.

Due to the complex and subjective nature of the GDPR, expert-led training is essential for marketers to not just comply, but also be knowledgeable in delivering best practice.

Data and the digital economy

For most businesses, data is its most valuable asset. So consumer trust in how they collect, store and use data is fundamental to building sustainable relationships with customers and increasing their willingness to share data.

The GDPR has already had a notable impact here. 

For example, this report indicated that the number of people who claim they would be more likely to exchange their personal information in return for personalised products or services has risen from 26% in 2015 to 34% in 2018.

In addition, the number of people who would be more likely to exchange data in return for personalised brand recommendations has increased from 20% in 2015 to 31% in 2018.

Data is an essential part of the digital economy, so maintaining its security must be a business imperative.

GDPR training for marketers needs to be ongoing, practical and relevant

When marketing teams are formulating integrated marketing campaigns and collecting, processing and segmenting sensitive information, they need to not only understand their responsibilities but also how data can be a huge asset to the overall business objectives.

And most importantly, how they can protect the customer and build trust.

Legal experts writing and delivering GDPR training are no doubt skilled at interpreting the GDPR and understanding where an organisation is legally obliged to protect consumers’ data.

Although it is one thing understanding the legal underpinnings to GDPR. It’s a totally different challenge to translate that into actionable best practice within a comprehensive data and marketing strategy.

This is why dedicated learning material and ongoing training is essential to a marketer’s ongoing development in this area.

There is a range of face-to-face and online learning platforms out there that can provide expert guidance, but whether to select the online or offline route will depend on individual and organisational requirements.
Whatever option is opted for, it is imperative that training is practical and relevant. 

In addition, there must be clear structure within the business as to how training can progress with some regularity, to reinforce previous material and act as a reminder to the responsibilities all staff have.

It’s not just a case of compliance and non-compliance

GDPR is much more than an issue of compliance and non-compliance. 
The benefits go far beyond the legal obligations and there are a number of opportunities available to those who understand how to obtain them.

As the evidence suggests, GDPR will make consumers more likely to share their data and provide invaluable insights into their preferences, and even consumer behaviour in general. 

This, in turn, will help marketers to send tailored content that the consumer is more likely to engage with.

There are still many businesses and marketing teams neglecting not just GDPR compliance, but also the benefits associated with best practice.

Without sufficient training, the long-term consequences could far outweigh the initial investment.

Continue the conversation

Have something to say about this article? Comment above or directly on Facebook, Twitter or our LinkedIn Group.

Rachel Whitter

Rachel Whitter

    Rachel has worked within the data and marketing industry for over 20 years across both the B2B and B2C sectors, with a key focus on helping technology organisations and charities develop their marketing programmes and strategies.

    Rachel’s areas of expertise include learning and development, customer engagement, customer relationship management, and digital strategy. She is a regular public speaker and has also taken part in marketing debating groups at the House of Commons.

    Rachel is also a former member of the DMA’s Email Council, and DMA Awards judging
    panel.

    Read more from Rachel

    You may also like…