Top 3 data protection program issues and how to start resolving them: #19

At the end of each week, month or quarter, data protection leaders put in a lot of effort to assemble and circulate a report that provides a status of their work over the past period.

In many cases, the effort is a complete waste of time.

Here are three reasons this is the case.

‍

#1 Meaningless metrics

Different people in your company have different needs.

If you don’t identify their requirements or the decisions they may need to take, you’ll have little chance of fulfilling their needs.

Don’t assume you know what people want.

Ask them.

If you have close alignment with the business, align reporting with their needs.

It’s an opportunity for you to show value.

Number of consent withdrawals after a new marketing campaign?

That’s surely a valuable insight for your CMO if the info is not available elsewhere.

What other insights can you provide that bring value?

And don’t just report lots of things because you can measure them.

Who is interested in them and what value do they bring?

#2 One size fits all

I worked in a company once where a weekly status was circulated in one long email to between 50-100 people.

It was a ‘one size fits all’ list that you had to sift through each week to see if any bits were relevant - and often there weren’t.

Use a simple structure and navigation - make it easy for the reader.

If your program is large or complex, consider producing tailored reports for different groups of colleagues.

Less is more.

#3 Stuck on red, or always on amber

Align your reporting with any reporting principles and definitions that may exist in your company.

Especially principles that dictate that a program can’t be reporting red for ever.

Or amber for that matter.

Or, unless a complete disaster has occurred, a program can’t go from green to red.

Some senior colleagues may not like red or amber and the fact they prefer you not to use them doesn’t remove the underlying issues that mean you need to reflect reality in your status reporting.

Insisting on green is often about avoiding the exposure of dirty laundry.

The graphic shows a typical program reporting setup I recommend for companies that don’t have much in place: simple structures, no fancy tools, measure a few things that provide value, start small and grow from there.

‍

Purpose and Means help Data Protection Leaders refresh their work focusing on business alignment and orchestration.

We’re based in Denmark, but operate globally.

If this issue resonates, book a call to discuss your requirements!