As you’re certainly aware, the General Data Protection Regulation (GDPR) officially went into effect on Friday, May 25th. The GDPR aims primarily to grant EU citizens and residents–individuals within the European Union (EU) and the European Economic Area–complete control over their personal data.
Even for non-EU citizens and those living outside the covered geographic area, changes have occurred. You probably saw during the run-up to May 25th (and may continue to see) emails with the subject of “updates to changes in services and privacy policy” or similar popping up in your inbox. Companies of all types and sizes around the world took this opportunity to update policies with all of their customers, no matter where they reside.
Despite a two-year preparation period, not all were ready for May 25th. Some chose to stop serving EU customers; one of the more notable cases was that of Instapaper, which opted to temporarily cease operations until they could sort out their compliance issues.
Others were more than prepared. Apple and Microsoft were among companies choosing to extend some or all GDPR rights even to non-EU customers.
Looking at these events–policy change emails sent to non-EU customers, some services inaccessible to EU citizens, and other news stories–it’s no doubt many customers might have a sense of confusion. Though we are still early into the life of this regulation, this onslaught of GDPR-related activity would seem to be a likely cause of many new calls, emails, chats, and social media contacts from customers simply seeking some clarity. Would you say your customer service is prepared for all the questions, as well as the GDPR-granted data requests?
Luckily, GDPR is not unlike any other high-volume issue to challenge customer service. Existing technology can help to mitigate the volume as well as provide customers with the tools and information they need to be informed and exercise their GDPR rights.
Automate GDPR-related Requests
The cornerstone of GDPR is the unprecedented control it gives individuals over their data. Everything from the right to see what data has been collected, the ability to edit it, see and restrict how it is processed, and the right to be forgotten (data erasure) must now be offered by companies. While a huge win for customers and privacy, it creates a new set of services that must be provided to customers in order to comply with the directive.
These services are not unlike other common requests that might already exist as automated solutions on your customer service website. Do you allow customers to view and change their personal information? Do you allow them to update communication preferences? Do you offer the ability to register warranties, track shipments, or request field service? Just as automation has created a self-service option for customers for issues such as these, so too can GDPR requests be automated.
Connect Systems and Processes with Workflow
I realize I’ve made it sound like automating those request is so simple: simply let the customer fill out a form and push a button on your website. I recognize there is more to it than that, the automation provides a framework and tool customers are familiar with.
The unfortunate truth is it probably is not so simple for most companies. Why? The two most likely reasons are disconnected systems (each potentially storing a subset of customer information) and cumbersome, manual processes necessary to comply to GDPR requests.
Perhaps data consolidation isn’t possible. Perhaps legacy systems in back-office systems necessitate manual processes. Still, the use of workflow can assist in easing the burden.
When customers have executed an automated GDPR-related request, workflow connects the dots from initiation through to completion, regardless if the process is completely automated or involves manual steps. Workflow ensures a process is standardized, repeatable, compliant, and complete from end-to-end. Detours due to delays and timers to ensure completion by mandated deadlines can be built-in. Most important of all, it creates an auditable record for compliance purposes.
Provide Information via Knowledgebase Articles
Remember, GDPR is likely to generate a lot of questions from EU and non-EU customers alike. These questions are not unlike any other problem that requires a solution, and therefore your knowledgebase can serve up the answers, and do so in a consistently correct manner.
Of course, not every customer will consult your knowledgebase, and that’s okay. When customers contact you directly, your customer service agents will equally benefit from having GDPR policies and answers to common questions at their fingertips.
Empower Customers While Minimizing the Burden on Customer Service
In the near term, GDPR will continue to create plenty of confusion for companies struggling to complete implementation as well as for customers around the world trying to make sense of what their rights are as EU or non-EU citizens. Regardless if your company chose to only address EU customers or to extend GDPR-style protections to your entire customer base, it most likely has resulted in added work in customer service.
The good news is a modern customer service organization is prepared to take on that additional volume of work. GDPR-related inquiries can be taken on just as customer service does any other problem: by executing GDPR-related requests with automated solutions, speeding and simplifying that delivery in a compliant manner via workflow, and providing information and answers to with knowledgebase articles. Though GDPR is still fairly new (with follow-on legislation in the EU and other countries sure to come) and its full effects have yet to be seen, customer service has the tools available to properly support customers’ new rights.