Forget Compliance: GDPR Data Analytics is About Opportunity
By Eric Eckhardt, VP Legal Solutions
Our brains are biologically trained to maintain the status quo. We reinforce this bias with countless idioms in the English language that act as stern warnings against the perils and dangers of disruption. Don’t rock the boat. Don’t upset the apple cart. Sometimes, though, the forces of nature do, indeed, rock the boat and regulatory bodies upset the fundamental nature of the apple cart.
When the European Union adopted their General Data Protection Regulation, the fundamentals of data ownership and governance were redefined. Corporations around the world worked to meet compliance standards; engaging consultancies to patch the holes that GDPR created in their data warehouses, finding new and creative ways to avoid the costly fines associated with the failure to meet these new standards. In other words, we all went about retrofitting our apple carts.
But GDPR isn’t about patches and fines. It isn’t even about building a better apple cart. GDPR is an opportunity to explore and structure the entirety of your corporation’s data — probably spread across data centers housed in different business units — and employ a holistic analytics methodology that makes your data work for you while respecting the rights of the data subject under GDPR.
Silos don’t make for a good strategy
Data dispersion seems to be a systemic challenge for global corporations. Corporate growth doesn’t follow a fixed path, and different business units are shaped by the standards that govern their function. As a result, many corporations adopt a siloed approach to growth, scaling resources and infrastructure at varying rates to meet the disparate needs of each business unit.
The resulting data silos that rise out of adaptive technology solutions complicate the analytics that drives operational decision-making and C-suite reporting. Take procurement for example: probably the most data-aware department in the company, it’s often focused on delivering on its team-specific metrics, gathering, sorting and analyzing its data in a way that is not transferable to other departments. And other departments probably don’t even ask for that data, until there’s a board meeting and everybody scrambles to find some meaning in the everyday churning of data. These silos create two-speed organizations, where the odd virtuous department thrives, and the others lag.
The legal department is often the last to scale, as the practice of law, historically artisanal in nature and unyielding acts as a costly counsel to department heads and firm stakeholders. Yet, the widespread challenges associated with data silos (and subsequent operational tribulations) are often now falling on the legal department as GDPR standards represent a risk that requires mitigation. Legal is now at the helm of corporate data strategy.
With the GDPR ‘scare’ pushing them to really engage with the concept of ‘data’, lawyers are learning that data management is not simply about numbers or rules, but that data are dynamic and rich, like the written word lawyers base every legal decision on. Exigent clients are also learning that their legal departments are data rich themselves, especially in contractual terms and quantified risk. Although the data are often unstructured and unfit for analysis in the current form, contracts and legal agreements are a cornucopia of business-relevant data. What GDPR data compliance has taught lawyers globally is that it is possible to understand the entirety of the value contained in corporate (and client) data. Visionary GCs are adopting a strategy and technology solution that appropriately leverages that data, so that the GDPR expenditure they had to own in front of the board can yield efficiency and cost savings, as opposed to simply increasing the cost of legal.
Data aggregation is not the finishing line
Data management is, at its core, a tech challenge limited by operational constraints. The investment necessary to implement an ERP system may not be fiscally feasible or may not be the right path for your organization, yet to ensure compliance, data must be aggregated. Some organizations are spending money on solutions that pull data from all business units for the sole purpose of suppression at the request of a data subject. But they fail to realize that data aggregation is the first step to robust and insightful analytics. If you’ve done all the hard work, why not make it worth your while? Once your data aggregation system is in place, you can leverage it for descriptive, predictive and prescriptive analysis. This data aggregation system is a program that describes the state of the business now and, if things continue, in 6, 12, 18 months from now. Thanks to this kind of factual, detailed and timely analysis, management can understand the impact of seemingly minor changes in structure or investment or divestment.
It’s not about being a data scientist
Unfortunately, Data Science is not part of most law school curricula. Yet, lawyers often have the inherent skills required to understand analytics without even knowing it. Analytics is, above all, about understanding the interrelatedness of things (and quantifying it). It is about decoding skills and the application of the models that explain cause and effect, much like the terms of a contract or any other regulatory framework. It is an exciting time, as legal departments who are trying to fix their GDPR-ridden apple carts usher in an era that blends legal and broad-based operational interests. We aren’t building a better apple cart: we are leveraging the opportunity presented by GDPR to build a freight train.
Contact us to learn more about how we can help you leverage the opportunity that is GDPR.
Exigent is a global alternative legal services provider operating at the intersection of law, business, and technology. With a worldwide team of over 400 attorneys, business analysts, developers, and consultants, Exigent is transforming the way legal services are offered by applying analytical thinking, smart use of technology and inventive talent, to deliver answers that impact every aspect of business performance.
Exigent’s contract management solutions and business analytical tools help the C-suite, in-house counsels and law firms to reduce risk, improve compliance and drive process and cost efficiencies.
International clients trust Exigent’s powerful combination of technology, consulting and legal services in the US, Canada, UK, Australia, and South Africa. Cross-cultural and inherently borderless, Exigent has eight offices around the world, with three operating centers in Bangalore, Cape Town, and Perth. For information about Exigent visit http://exigent-group.com/