January 28 is Privacy Day - let's discuss data protection best practices

  • 27 January 2023
  • 1 reply

Userlevel 6
Badge +7

Hey Everyone,

Tomorrow (January 28th) is Privacy Day (or Data Protection Day). And no it’s not a GDPR thing. It’s actually much older: 2007 when the Facebook, YouTube or Google Analytics of the world were about 2 years old. H***, Gainsight wasn’t even born yet 😅. 

Now in 2023, there are ton of new privacy regulations popping up worldwide - in the US, since most of you fellow contributors are US-based, it involves California’s CCPA becoming the CPRA and Virginia, Connecticut, Colorado and Utah to name those I’m personally aware of. Even third-party 🍪 are dead. Not mentioning the long awaited ‘updates’ to the EU ePrivacy Directive or Regulation (or whatever they’ll end up calling it, but could change a lot about what’s acceptable (or not). 

I find this day to be a good time for all of us system owners to stop and have a look at how we and our teams live by the Privacy by Design principles* we (should) have embedded into our CS Ops practices.

For me it generally spreads two pillars:

  • Governance, which (non-exhaustively) spans areas like:
    • Maintaining an accurate view of data processing activities within the platform and understanding their impact
    • Making sure the platform is part of your systems’ data map and inventory
    • Ensuring it complies with retention policies for your different processing purposes
    • Being able to honor data subject requests
  • Development practices (or what we fondly call “design authority” in my area) and making sure every activity you undertake in the platform aligns with your governance

And that’s not a one-man-show. That’s something you do in partnership with your legal team (and bring the CRM team along. In my experience, that’s one area where it’s best to lead than to follow even if a lot of your data comes from SFDC).

What are you best practices to keep abreast of changes to the privacy landscape and adapting to it in Gainsight?

(* and for those that geek more than I do about privacy, I know that by no means is data protection a one-off thing but this milestone day is still a good reminder to maintain our acts together). 

1 reply

Userlevel 1

Thanks Alizee for this great post!

You can find some good guidance about governance and data privacy on this book : Gainsight Governance Guide