Click to learn more about author Anne Hardy.
It’s been a number months since the CCPA was enacted by the State of California. Still, companies are facing a whole new problem: a Data Management skills shortage.
The CCPA gives individuals the right to a “verifiable consumer request.” This request requires enterprises to send the individual a report detailing what personal information the organization has collected and how it’s been used. While the transparency this creates is positive for customer relationships — especially in the wake of trust shattering events like the Facebook-Cambridge Analytica breach — it will certainly burden Data Governance teams.
Quickly gathering and packaging that data together is no simple feat. As enterprises receive more verifiable consumer requests, the teams with the Data Management skills necessary to fulfill them will be strained and may even fail to return requests. This will cost companies money and customer trust.
The More Requests, the Wider the Skills Gap
On paper, verifiable consumer requests sound like a simple task. In reality, the requests reveal that organizations may need to create and dedicate new roles to comply. When a user requests information about their data, the organization must then locate, collect, and package the data in a digestible and accurate report and return this information to the requester within 45 days. However, most organizations and their respective CIOs don’t have the teams nor the tools to govern data this precisely across the whole enterprise. One individual’s data may be spread across hundreds of systems and separate divisions of a company, being used for different purposes by multiple teams. Gathering such dispersed data requires a deep knowledge of Data Management and time. Most existing Data Management teams will not have the resources to meet the high demands of each request.
Further, the more data requests an organization receives, the more overwhelmed they will become with trying to fulfill them. With a shortage of employees dedicated to governance and management, CCPA requests run the risk of being untimely, inaccurate, or worse, simply falling through the cracks entirely. Organizations that do not comply will be subject to fines, even if their noncompliance was unintentional. Under the CCPA, not having staff skilled enough to correctly comply comes at the expense of the business.
The Cost of Customer Trust
Fines and legal penalties are not the only things companies have to worry about if they fail to comply with the CCPA. They can also lose customer trust. Consumer faith in the companies gathering their data has been poor for the last few years. Most consumers wish they could disengage from their current services but feel trapped by limited options. A recent survey found that 85 percent of global consumers wish “there were more companies I could trust with my data.” The same survey also found that 76 percent of global consumers feel that “sharing my personal information with companies is a necessary evil in today’s modern economy.”
If organizations under CCPA guidelines want a chance to salvage customer trust, they will need to overcome the Data Management skills gap. Companies that cannot fulfill the verifiable consumer request from already untrusting consumers will almost certainly lose their business to enterprises that can fulfill consumer requests. Under the CCPA, well-managed data becomes an asset to the organization because companies can find value in maintaining and strengthening relationships with consumers. This also means that mismanaged data can cost the business. Organizations without strong Data Management teams need to narrow their skills gap — or risk a valued asset becoming a costly liability.
How to Close the Skills Gap and Manage Data Like an Asset
To close the skills gap and ensure data doesn’t become a liability, enterprises should consider doing two things: Create a Data Management team for the specific purpose of governing consumers’ personal data, and adjust company attitudes to view data as an asset, not just a byproduct of its customers.
The CCPA has created the need for new positions. In larger enterprises, managing consumer data will become a full-time job. It’s not a task CIOs or other members of leadership should pass off to already existing Data Management teams because the position is an entirely transversal one. Unlike managing data in a single department, like HR or sales, this team will be responsible for the data of all stakeholders, regardless of which department manages them. These Data Management teams can also maintain better visibility of the data stored and protect valuable PII from a costly breach. Adding a collaborative data stewardship application, like a data self-service portal, will further ease data requests.
To best set themselves up for long-term CCPA compliance, companies need to adjust their attitude towards data. Organizations need to stop viewing data as a collectible runoff from their stream of users and customers and start viewing data as an asset. Trustworthy and well-managed data can increase business value, just like well-managed and trustworthy employees. Enterprises planning on deriving business value from their data need to recognize that all data is not necessary to their work and exercise better precision in their selection processes. With better precision, companies can focus on organizing and protecting the data they know has value and not create a possible liability by storing PII that may have no value.
The CCPA was designed to reestablish trust between consumers and organizations and give power over data back to the people. In the past six months, the CCPA revealed a Data Management skills gap in the enterprises operating under its guidelines. Without full-time teams dedicated to managing data and meeting consumer requests, the CCPA will cost organizations business and consumer trust. However, companies that create new positions to specifically manage consumer data and adjust their attitudes about how data is collected can close the skills gap and see more business value from their data.